Configuring Asteriak 1.6.0.1 with TLS support

Hello Asterisk Gurus,

I installed Asterisk 1.6.0.1 (latest stable) on CentOS 5.2 and am configuring it for TLS support. I installed the OpenSSL package from openssl.org and created the server certificate and the CA certificate and pointed their paths to the relevant variables in the sip.conf file. Then I start the Asterisk server with the command

asterisk -vvvc

The server comes up and I can successfully make SIP over UDP calls from phone A to B. But I cannot make a SIP over TLS call from A to B. With TLS, phone A initiates a TCP handshake (SYN flag) and the server responds with RST,ACK flags. The TCP handshake fails, let alone TLS handshake. I have set the phones to accept any certificate from the server. But I do not reach that stage at all.

How can I check if the Asterisk server started with TLS support enabled?
Is there a command that can tell me that asterisk is running with TLS enabled?

When I do a netstat -na|grep 5060

it shows me that it is listening on UDP port 5060. But when I grep for 5061 (default TLS port) I get nothing. So I believe that my asterisk server is not running with TLS enabled. But this is just my guess. I need a definite way of knowing whether the server is running with TLS enabled or not. If not, what am I missing?

I have the same problem. Can anyone think why?

ditto – have the same issue with TLS with Asterisk installed on FC10.

Hey, I found solution, when you are compiling asterisk, it won’t find some cryptographic libraries so it skippes the compilation od crypto module therefor it is not present in installation and cannot be run.
Try to install these libraries and then to run ./configure & make & make install:

[ul]openssl[/ul]
[ul]libcrypt-dev[/ul]
[ul]libxcrypt-dev[/ul]
[ul]libcrypto+±dev[/ul]
[ul]libssl[/ul]

Hope this is the solution also for you.