ARI over TLS failed to work

this is my http.conf file:

;
; Asterisk Built-in mini-HTTP server
;
;
; Note about Asterisk documentation:
; If Asterisk was installed from a tarball, then the HTML documentation should
; be installed in the static-http/docs directory which is
; (/var/lib/asterisk/static-http/docs) on linux by default. If the Asterisk
; HTTP server is enabled in this file by setting the “enabled”, “bindaddr”,
; and “bindport” options, then you should be able to view the documentation
; remotely by browsing to:
; http://<server_ip>:/static/docs/index.html
;
[general]
tlsenable=yes
tlsbindaddr=0.0.0.0:8089
tlsccertfile=/etc/asterisk/keys/asterisk.pem
tlsprivatekey=/etc/asterisk/keys/ca.pem

servername=Asterisk

enabled=yes

bindaddr=0.0.0.0

bindport=8088
when l sent GET to port 8088, it works fine, but when l sent GET to 8089, it just says connection refused. lt does not even get to certificate validation. What is going on?
url: “https://”+url+"/ari/asterisk/config/dynamic/res_pjsip/auth/" +somenumber

Hi .

When you test by GET to port 8089, make sure you use https:// ( ssl connection)
But if you still failed, then most probably, it means that asterisk did not accept your ssl certificate or private key. Check asterisk logs under /var/log/asterisk/

You can check if https service is running :

rasterisk -rx ‘http show status’

It should contain rows:

Server Enabled and Bound to 0.0.0.0:8088
HTTPS Server Enabled and Bound to 0.0.0.0:8089

If they exist, but you still can’t get https://:8089/ws, then check your firewall ( iptables -L -n )

1 Like

thanks for your help. l am new, and that really help. lt did have errors loading certificate, but l will make another post if l can’t get that to work. The tutorial on ARI should have these information on there besides “TLS is highly recommended”

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.