Is there any one who can help me how to configure the transport layer security (TLS) and secure real time protocol(SRTP) in FreePBX asterisk system using the PJSIP channel driver. Especially the Asterisk community technical persons please I need your kind support.
because made some configuration and at the end it said transport failure and certificate mismatch or not verified.
the configuration used to to generate server and client certificates are as follows:
- ./ast_tls_cert -C pbx.mycompany.com -O “10.240.69.99” -d /etc/asterisk/keys
- ./ast_tls_cert -m client -c /etc/asterisk/keys/ca.crt -k /etc/asterisk/keys/ca.key -C 10.240.69.99 -O “My Super Company” -d /etc/asterisk/keys -o 100
[transport-tls]
type=transport
protocol=tls
bind=0.0.0.0:5061
cert_file=/etc/asterisk/keys/asterisk.crt
priv_key_file=/etc/asterisk/keys/asterisk.key
method=tlsv1
the endpoint configuration is set to “media_encryption=sdes” and
TLS account settings to the client certificate (100.pem) that we copied to our computer.
Then, we’ll point the TLS server settings to the ca.crt file that we copied to our computer.
but at end SIP 503:transport failure no transport left to try and some times certificate validation failure is generated.