0

I have installed asterisk 11.12.0 on CentOS (64-bit). When enabling the TLS support i get the following error

WARNING[7620]: tcptls.c:673 handle_tcptls_connection: FILE * open failed!

i tried disabling the TLS option on the server but still get this error. Also when i generate the certificates i get a 

comman name does not match

error.

On the CLI i can see a SSL Certificate OK message.

What could be the reason for this behavior and how can it be resolved.

sip.conf

[general]
context=local
allowguest=no
alwaysauthreject=yes
allow=ulaw
allow=alaw
allow=gsm
directmedia=yes  

allowoverlap=no
bindport=5061
tlsdontverifyserver=yes      
tlsenable=yes
tlsbindaddr=192.168.0.119
tlscertfile=/etc/asterisk/keys/asterisk.pem
tlscafile=/etc/asterisk/keys/ca.crt
tlscapath=/etc/asterisk/keys
register => tls://john:password@192.168.0.119:5061
register => tls://jane:password@192.168.0.119:5061
tlscipher=ALL
tlsclientmethod=tlsv1
localnet=192.168.0.119/255.255.255.0

[john]
type=peer
defaultuser=john
secret=password
dtmfmode=rfc2833
callerid="User one"
host=dynamic      
canreinvite=no
nat=no
encryption=yes
transport=tls

[jane]
type=peer
defaultuser=jane
secret=password
dtmfmode=rfc2833
callerid="User two"
host=dynamic   
canreinvite=no
nat=no
encryption=yes
transport=tls

Regards.

john
  • 133
  • 1
  • 3
  • 10
  • 1
    Edit your question and add the relevant configuration files. –  Oct 25 '14 at 20:29
  • @AndréDaniel i have edited the question plz have a look – john Nov 03 '14 at 20:27
  • What are you trying to do ? Register to a remote SIP server using TLS or allow clients to register on your server using TLS ? –  Nov 03 '14 at 20:33
  • allow clients to register to my server using TLS – john Nov 03 '14 at 20:35
  • common name issue has been resolved, i followed https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial when i do `sip reload` i can see SSL Certificate OK – john Nov 03 '14 at 20:36
  • Okay, well then look [here](https://wiki.asterisk.org/wiki/display/AST/SIP+TLS+Transport) in the "server_b" configuration. –  Nov 03 '14 at 20:37
  • i have also included the user conf in the question edit, plz have a look, the only diff i can spot from link u provided it the `type=peer` – john Nov 03 '14 at 20:43

0 Answers0