Hello Asterisk Gurus,
I installed Asterisk 188.8.131.52 (latest stable) on CentOS 5.2 and am configuring it for TLS support. I installed the OpenSSL package from openssl.org and created the server certificate and the CA certificate and pointed their paths to the relevant variables in the sip.conf file. Then I start the Asterisk server with the command
The server comes up and I can successfully make SIP over UDP calls from phone A to B. But I cannot make a SIP over TLS call from A to B. With TLS, phone A initiates a TCP handshake (SYN flag) and the server responds with RST,ACK flags. The TCP handshake fails, let alone TLS handshake. I have set the phones to accept any certificate from the server. But I do not reach that stage at all.
How can I check if the Asterisk server started with TLS support enabled?
Is there a command that can tell me that asterisk is running with TLS enabled?
When I do a netstat -na|grep 5060
it shows me that it is listening on UDP port 5060. But when I grep for 5061 (default TLS port) I get nothing. So I believe that my asterisk server is not running with TLS enabled. But this is just my guess. I need a definite way of knowing whether the server is running with TLS enabled or not. If not, what am I missing?