Asterisk 1.8 TLS problem

I am using Asterisk
I have configured TLS with SRTP.
SRTP is working fine.

When i Tried to register phone with TLS support it gives me following error message

Problem setting up ssl connection: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

I have created Self Signed Certificate and root CA.
I have installed Rootca certificate to client’s phone as well.

I have followed for configuration.

Can anyone help me in TLS functionality, What am i missing?


Here’s a howto for TLS using Blink: … g+Tutorial


Thanks a lot.
I will try with this link tomorrow and will keep posted.

Hmm yeah it worked.
Thank a lot.

Now i am having a new problem.
As per code Peer to peer calling wont work with SRTP.
I need to make it work so that there is not much load on server even with SRTP.

Do anyone know anything about making it Peer to Peer.
i have checked all conventional ways which were working with version 1.4 or lower, but ther aint working.
have tried all but all in wein.

Can anyone suggest the solution?

I rather suspect that Asterisk does not support end to end key negotiation. From what I gather, even getting SRTP to work in strict back to back user agent mode was not easy.

I could be wrong.

Thanks david
But in old version 1.4.X i had made it work
But the code and architecture has changed a lot in 1.8 and i had just taken 1.8 yesterday.
may be in few days of code studying i will do it again.

I don’t believe 1.4 supports SRTP at all!

no it dont by default
but there are patches available which i applied and it was/is working fine on that version.

Hemanshu, Did you get SRTP peer to peer working? I am facing the same issue.

yups its working
i have made it work for 1.4.X and so for

Thats great! Can you please let me know the steps?

Can you update the steps Hemanshu?

i’m trying to set up TLS in asterisk and ubuntu 10.04. and blink as client in windows.
I’ve followed the tutorial : … g+Tutorial.
but when i’m trying to call, always error: TRANSPORT ERROR in blink.

any ideas?