Hi all, We're testing TLS and SRTP on Asterisk 1.8.10.0 and have it working with a commerical (not self-sign) AlphaSSL wildcard (GlobalSign) using Blink Lite 1.6.2 as per https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial
We've tested with Bria on an iPhone and that doesn't recognised the commercial CA (GlobalSign Root CA). On a Yealink 28P with V60/V61 is registers over TLS, but can't do SRTP. Yealink are working on this and are testing against one of our dev servers. My question is someone (Digium) must have this working against Polycom (which is a requirement for this project) with commercial certs since that's their partner of choice? This is our relevant setup: tlsenable=yes tlsbindaddr=0.0.0.0 tcpbindaddr=0.0.0.0 tcpenable=yes transport=tcp,udp,tls tlscertfile=/etc/asterisk/ssl/test_wildcard_cert.pem tlscafile=/etc/asterisk/ssl/AlphaSSLroot.crt tlscipher=ALL tlsclientmethod=tlsv1 This file has the cert and key in it: test_wildcard_cert.pem is as per: http://www.alphassl.com/support/install-ssl/apache.html and AlphaSSLroot.crt is as per: http://www.alphassl.com/support/install-root/apache.html We haven't tested Snom or Aastra yet. Thanks, Gavin. -- http://www.suretecsystems.com/services/openldap/ http://www.surevoip.co.uk -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users