Hello

I keep getting the following error when trying to connect to the Asterisk server using AMI :

$socket = fsockopen("tls://11.22.33.44","5039", $errno, $errstr, 5);

Erorr on CLI :

[Oct 26 14:38:19] ERROR[2992]: tcptls.c:609 handle_tcptls_connection: Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca [Oct 26 14:38:19] WARNING[2992]: tcptls.c:684 handle_tcptls_connection: FILE * open failed!

I have in sip.conf :

tlsenable=yes
tlsbindaddr=0.0.0.0

tlscertfile=/etc/asterisk/keys/asterisk.pem
tlsdontverifyserver=yes
tlscipher=ALL
;tlsclientmethod=tlsv2

/etc/asterisk/keys :

-rw------- 1 root root 1,2K okt 26 14:25 asterisk.crt
-rw------- 1 root root  574 okt 26 14:24 asterisk.csr
-rw------- 1 root root  887 okt 26 14:24 asterisk.key
-rw------- 1 root root 2,1K okt 26 14:25 asterisk.pem
-rw------- 1 root root  160 okt 26 14:24 ca.cfg
-rw------- 1 root root 1,8K okt 26 14:24 ca.crt
-rw------- 1 root root 3,3K okt 26 14:24 ca.key
-rw------- 1 root root  123 okt 26 14:24 tmp.cfg


The webserver ( A ) from where I open the socket to tls://11.22.33.44 also has a self-signed certificate.

This problem started when creating a new self-signed cert on webserver A.




Any thoughts ?


Thanks !


Kind regards.


J.
-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
      https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Reply via email to