subject:"\[asterisk\-users\] How to set http.conf for HTTPS support on Debian Buster \?"

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

2019-11-18 Thread Olivier

May I add my modules.conf conf (this modules.conf was generated by make
basic-pbx) ?
Maybe a module is missing there ?
Shall I check something in menuselect ?
(Replacing its content with a simple "autoload = yes" does not change
either)

# cat modules.conf
[modules]
autoload = no

; This is a minimal module load. We are loading only the modules required
for
; the Asterisk features used in the Super Awesome Company configuration.

; Applications

load = app_bridgewait.so
load = app_dial.so
load = app_playback.so
load = app_stack.sothis
load = app_verbose.so
load = app_voicemail.so
load = app_directory.so
load = app_confbridge.so

; Bridging

load = bridge_builtin_features.so
load = bridge_builtin_interval_features.so
load = bridge_holding.so
load = bridge_native_rtp.so
load = bridge_simple.so
load = bridge_softmix.so

; Call Detail Records

load = cdr_custom.so

; Channel Drivers

load = chan_bridge_media.so
load = chan_pjsip.so

; Codecs

load = codec_gsm.so
load = codec_resample.so
load = codec_ulaw.so
load = codec_g722.so

; Formats

load = format_gsm.so
load = format_pcm.so
load = format_wav_gsm.so
load = format_wav.so

; Functions

load = func_callerid.so
load = func_cdr.so
load = func_pjsip_endpoint.so
load = func_sorcery.so
load = func_devstate.so
load = func_strings.so

; Core/PBX

load = pbx_config.so

; Resources

load = res_http_websocket.so
load = res_musiconhold.so
load = res_pjproject.so
load = res_pjsip_acl.so
load = res_pjsip_authenticator_digest.so
load = res_pjsip_caller_id.so
load = res_pjsip_dialog_info_body_generator.so
load = res_pjsip_diversion.so
load = res_pjsip_dtmf_info.so
load = res_pjsip_endpoint_identifier_anonymous.so
load = res_pjsip_endpoint_identifier_ip.so
load = res_pjsip_endpoint_identifier_user.so
load = res_pjsip_exten_state.so
load = res_pjsip_header_funcs.so
load = res_pjsip_logger.so
load = res_pjsip_messaging.so
load = res_pjsip_mwi_body_generator.so
load = res_pjsip_mwi.so
load = res_pjsip_nat.so
load = res_pjsip_notify.so
load = res_pjsip_one_touch_record_info.so
load = res_pjsip_outbound_authenticator_digest.so
load = res_pjsip_outbound_publish.so
load = res_pjsip_outbound_registration.so
load = res_pjsip_path.so
load = res_pjsip_pidf_body_generator.so
load = res_pjsip_pidf_digium_body_supplement.so
load = res_pjsip_pidf_eyebeam_body_supplement.so
load = res_pjsip_publish_asterisk.so
load = res_pjsip_pubsub.so
load = res_pjsip_refer.so
load = res_pjsip_registrar.so
load = res_pjsip_rfc3326.so
load = res_pjsip_sdp_rtp.so
load = res_pjsip_send_to_voicemail.so
load = res_pjsip_session.so
load = res_pjsip.so
load = res_pjsip_t38.so
load = res_pjsip_transport_websocket.so
load = res_pjsip_xpidf_body_generator.so
load = res_rtp_asterisk.so
load = res_sorcery_astdb.so
load = res_sorcery_config.so
load = res_sorcery_memory.so
load = res_sorcery_realtime.so
load = res_timing_timerfd.so

; Don't load res_hep.so and kin unless you are using hep monitoring in your
network

noload = res_hep.so
noload = res_hep_pjsip.so
noload = res_hep_rtcp.so

Le lun. 18 nov. 2019 à 22:18, Olivier  a écrit :

> Unfortunately, changing ownership did not solve the issue:
>
> # ls -al keys/
> total 40
> drwxr-xr-x 2 asterisk asterisk 4096 nov.  18 20:47 .
> drwxr-x--- 3 asterisk asterisk 4096 nov.  18 20:53 ..
> -rw--- 1 asterisk asterisk 1224 nov.  18 20:47 asterisk.crt
> -rw--- 1 asterisk asterisk  578 nov.  18 20:46 asterisk.csr
> -rw--- 1 asterisk asterisk  887 nov.  18 20:46 asterisk.key
> -rw--- 1 asterisk asterisk 2111 nov.  18 20:47 asterisk.pem
> -rw--- 1 asterisk asterisk  161 nov.  18 20:46 ca.cfg
> -rw--- 1 asterisk asterisk 1781 nov.  18 20:46 ca.crt
> -rw--- 1 asterisk asterisk 3311 nov.  18 20:46 ca.key
> -rw--- 1 asterisk asterisk  124 nov.  18 20:46 tmp.cfg
>
> # service asterisk stop
> # service asterisk start
> # asterisk -rx "http show status"
> HTTP Server Status:
> Prefix:
> Server: Asterisk/17.0.0
> Server Enabled and Bound to 0.0.0.0:8088
>
> Enabled URI's:
> /httpstatus => Asterisk HTTP General Status
> /static/... => Asterisk HTTP Static Delivery
>
> Enabled Redirects:
>
> Le lun. 18 nov. 2019 à 22:08, Richard Mudgett  a
> écrit :
>
>>
>>
>> On Mon, Nov 18, 2019 at 2:53 PM Olivier  wrote:
>>
>>> Hello,
>>>
>>> I've installed a new Asterisk 17.0.0 on a Debian Buster system.
>>>
>>> This Asterisk instance is run by asterisk user (and group).
>>> I've got:
>>>
>>> # ls -l /etc/asterisk
>>> total 68
>>> -rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
>>> -rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
>>> -rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
>>> -rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
>>> -rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
>>> -rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
>>> -rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
>>> drwxr-xr-x 2 root root 4096 nov.  18 20:47 keys
>>>

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

2019-11-18 Thread Olivier

Unfortunately, changing ownership did not solve the issue:

# ls -al keys/
total 40
drwxr-xr-x 2 asterisk asterisk 4096 nov.  18 20:47 .
drwxr-x--- 3 asterisk asterisk 4096 nov.  18 20:53 ..
-rw--- 1 asterisk asterisk 1224 nov.  18 20:47 asterisk.crt
-rw--- 1 asterisk asterisk  578 nov.  18 20:46 asterisk.csr
-rw--- 1 asterisk asterisk  887 nov.  18 20:46 asterisk.key
-rw--- 1 asterisk asterisk 2111 nov.  18 20:47 asterisk.pem
-rw--- 1 asterisk asterisk  161 nov.  18 20:46 ca.cfg
-rw--- 1 asterisk asterisk 1781 nov.  18 20:46 ca.crt
-rw--- 1 asterisk asterisk 3311 nov.  18 20:46 ca.key
-rw--- 1 asterisk asterisk  124 nov.  18 20:46 tmp.cfg

# service asterisk stop
# service asterisk start
# asterisk -rx "http show status"
HTTP Server Status:
Prefix:
Server: Asterisk/17.0.0
Server Enabled and Bound to 0.0.0.0:8088

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/static/... => Asterisk HTTP Static Delivery

Enabled Redirects:

Le lun. 18 nov. 2019 à 22:08, Richard Mudgett  a
écrit :

>
>
> On Mon, Nov 18, 2019 at 2:53 PM Olivier  wrote:
>
>> Hello,
>>
>> I've installed a new Asterisk 17.0.0 on a Debian Buster system.
>>
>> This Asterisk instance is run by asterisk user (and group).
>> I've got:
>>
>> # ls -l /etc/asterisk
>> total 68
>> -rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
>> -rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
>> -rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
>> -rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
>> -rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
>> -rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
>> -rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
>> drwxr-xr-x 2 root root 4096 nov.  18 20:47 keys
>> -rw-r--r-- 1 asterisk asterisk  160 nov.  18 18:57 logger.conf
>> -rw-r--r-- 1 asterisk asterisk 2769 nov.  18 18:57 modules.conf
>> -rw-r--r-- 1 asterisk asterisk   50 nov.  18 18:57 musiconhold.conf
>> -rw-r--r-- 1 asterisk asterisk 6360 nov.  18 18:57 pjsip.conf
>> -rw-r--r-- 1 asterisk asterisk  790 nov.  18 18:57 pjsip_notify.conf
>> -rw-r--r-- 1 asterisk asterisk  768 nov.  18 18:57 README
>> -rw-r--r-- 1 asterisk asterisk  513 nov.  18 18:57 voicemail.conf
>>
>> # ls -l /etc/asterisk/keys/
>> total 32
>> -rw--- 1 root root 1224 nov.  18 20:47 asterisk.crt
>> -rw--- 1 root root  578 nov.  18 20:46 asterisk.csr
>> -rw--- 1 root root  887 nov.  18 20:46 asterisk.key
>> -rw--- 1 root root 2111 nov.  18 20:47 asterisk.pem
>>
>
> I'd say that asterisk running as the asterisk user has no permission to
> see the .pem file as only root can see it.
>
> Richard
>
>
>> -rw--- 1 root root  161 nov.  18 20:46 ca.cfg
>> -rw--- 1 root root 1781 nov.  18 20:46 ca.crt
>> -rw--- 1 root root 3311 nov.  18 20:46 ca.key
>> -rw--- 1 root root  124 nov.  18 20:46 tmp.cfg
>>
>> # cat /etc/asterisk/http.conf
>> [general]
>> enabled=yes
>> bindaddr=0.0.0.0
>> bindport=8088
>> tlsenable=yes
>> tlsbindaddr=0.0.0.0:8089
>> tlscertfile=/etc/asterisk/keys/asterisk.pem
>>
>> But, still I don't have any HTTPS server running:
>>
>> # asterisk -rx "http show status"
>> HTTP Server Status:
>> Prefix:
>> Server: Asterisk/17.0.0
>> Server Enabled and Bound to 0.0.0.0:8088
>>
>> Enabled URI's:
>> /httpstatus => Asterisk HTTP General Status
>> /static/... => Asterisk HTTP Static Delivery
>>
>> Enabled Redirects:
>>   None.
>>
>>
>>
>> Can someone help me on this ?
>> Is http;conf correct ?
>> Am I mis-configuring files access rights or ownership ?
>> Something else ?
>>
>> Best regards
>>
>>
>>
>>
>>
>>
>> --
>> _
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>>
>> New to Asterisk? Start here:
>>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>http://lists.digium.com/mailman/listinfo/asterisk-users
>
> --
> _
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

2019-11-18 Thread Richard Mudgett

On Mon, Nov 18, 2019 at 2:53 PM Olivier  wrote:

> Hello,
>
> I've installed a new Asterisk 17.0.0 on a Debian Buster system.
>
> This Asterisk instance is run by asterisk user (and group).
> I've got:
>
> # ls -l /etc/asterisk
> total 68
> -rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
> -rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
> -rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
> -rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
> -rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
> -rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
> -rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
> drwxr-xr-x 2 root root 4096 nov.  18 20:47 keys
> -rw-r--r-- 1 asterisk asterisk  160 nov.  18 18:57 logger.conf
> -rw-r--r-- 1 asterisk asterisk 2769 nov.  18 18:57 modules.conf
> -rw-r--r-- 1 asterisk asterisk   50 nov.  18 18:57 musiconhold.conf
> -rw-r--r-- 1 asterisk asterisk 6360 nov.  18 18:57 pjsip.conf
> -rw-r--r-- 1 asterisk asterisk  790 nov.  18 18:57 pjsip_notify.conf
> -rw-r--r-- 1 asterisk asterisk  768 nov.  18 18:57 README
> -rw-r--r-- 1 asterisk asterisk  513 nov.  18 18:57 voicemail.conf
>
> # ls -l /etc/asterisk/keys/
> total 32
> -rw--- 1 root root 1224 nov.  18 20:47 asterisk.crt
> -rw--- 1 root root  578 nov.  18 20:46 asterisk.csr
> -rw--- 1 root root  887 nov.  18 20:46 asterisk.key
> -rw--- 1 root root 2111 nov.  18 20:47 asterisk.pem
>

I'd say that asterisk running as the asterisk user has no permission to see
the .pem file as only root can see it.

Richard


> -rw--- 1 root root  161 nov.  18 20:46 ca.cfg
> -rw--- 1 root root 1781 nov.  18 20:46 ca.crt
> -rw--- 1 root root 3311 nov.  18 20:46 ca.key
> -rw--- 1 root root  124 nov.  18 20:46 tmp.cfg
>
> # cat /etc/asterisk/http.conf
> [general]
> enabled=yes
> bindaddr=0.0.0.0
> bindport=8088
> tlsenable=yes
> tlsbindaddr=0.0.0.0:8089
> tlscertfile=/etc/asterisk/keys/asterisk.pem
>
> But, still I don't have any HTTPS server running:
>
> # asterisk -rx "http show status"
> HTTP Server Status:
> Prefix:
> Server: Asterisk/17.0.0
> Server Enabled and Bound to 0.0.0.0:8088
>
> Enabled URI's:
> /httpstatus => Asterisk HTTP General Status
> /static/... => Asterisk HTTP Static Delivery
>
> Enabled Redirects:
>   None.
>
>
>
> Can someone help me on this ?
> Is http;conf correct ?
> Am I mis-configuring files access rights or ownership ?
> Something else ?
>
> Best regards
>
>
>
>
>
>
> --
> _
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at:
> https://community.asterisk.org/
>
> New to Asterisk? Start here:
>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>http://lists.digium.com/mailman/listinfo/asterisk-users
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

2019-11-18 Thread Olivier

Hello,

I've installed a new Asterisk 17.0.0 on a Debian Buster system.

This Asterisk instance is run by asterisk user (and group).
I've got:

# ls -l /etc/asterisk
total 68
-rw-r--r-- 1 asterisk asterisk  501 nov.  18 19:12 asterisk.conf
-rw-r--r-- 1 asterisk asterisk  135 nov.  18 18:57 cdr.conf
-rw-r--r-- 1 asterisk asterisk  684 nov.  18 18:57 cdr_custom.conf
-rw-r--r-- 1 asterisk asterisk  103 nov.  18 18:57 confbridge.conf
-rw-r--r-- 1 asterisk asterisk 6834 nov.  18 18:57 extensions.conf
-rw-r--r-- 1 asterisk asterisk  138 nov.  18 21:42 http.conf
-rw-r--r-- 1 asterisk asterisk  681 nov.  18 18:57 indications.conf
drwxr-xr-x 2 root root 4096 nov.  18 20:47 keys
-rw-r--r-- 1 asterisk asterisk  160 nov.  18 18:57 logger.conf
-rw-r--r-- 1 asterisk asterisk 2769 nov.  18 18:57 modules.conf
-rw-r--r-- 1 asterisk asterisk   50 nov.  18 18:57 musiconhold.conf
-rw-r--r-- 1 asterisk asterisk 6360 nov.  18 18:57 pjsip.conf
-rw-r--r-- 1 asterisk asterisk  790 nov.  18 18:57 pjsip_notify.conf
-rw-r--r-- 1 asterisk asterisk  768 nov.  18 18:57 README
-rw-r--r-- 1 asterisk asterisk  513 nov.  18 18:57 voicemail.conf

# ls -l /etc/asterisk/keys/
total 32
-rw--- 1 root root 1224 nov.  18 20:47 asterisk.crt
-rw--- 1 root root  578 nov.  18 20:46 asterisk.csr
-rw--- 1 root root  887 nov.  18 20:46 asterisk.key
-rw--- 1 root root 2111 nov.  18 20:47 asterisk.pem
-rw--- 1 root root  161 nov.  18 20:46 ca.cfg
-rw--- 1 root root 1781 nov.  18 20:46 ca.crt
-rw--- 1 root root 3311 nov.  18 20:46 ca.key
-rw--- 1 root root  124 nov.  18 20:46 tmp.cfg

# cat /etc/asterisk/http.conf
[general]
enabled=yes
bindaddr=0.0.0.0
bindport=8088
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlscertfile=/etc/asterisk/keys/asterisk.pem

But, still I don't have any HTTPS server running:

# asterisk -rx "http show status"
HTTP Server Status:
Prefix:
Server: Asterisk/17.0.0
Server Enabled and Bound to 0.0.0.0:8088

Enabled URI's:
/httpstatus => Asterisk HTTP General Status
/static/... => Asterisk HTTP Static Delivery

Enabled Redirects:
  None.



Can someone help me on this ?
Is http;conf correct ?
Am I mis-configuring files access rights or ownership ?
Something else ?

Best regards
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

Re: [asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

[asterisk-users] How to set http.conf for HTTPS support on Debian Buster ?

4 matches

Site Navigation

Mail list logo

Footer information