We’ve defined a websocket_clients.conf connection to a target with a public and valid certificate. Connecting via curl from the server works fine, but asterisk fails with a certificate error. ERROR[129035]: tcptls.c:203 handle_tcptls_connection: Certificate from peer '<redacted-ip-here>:443' did not verify: unable to get local issuer certificate
If i disable certificate checking (in websocket_clients.conf) it connects fine.
I’m not sure how to check why this fails specifically for asterisk. Anyone have any ideas how to troubleshoot this further?
In your websocket_client.conf entry you need to set either ca_list_file or ca_list_path to point to a file or directory that contains the CA certificate chain that can be used to validate the server certificate.