I’m trying to enable HTTPS support on two different Debian Buster boxes.
On one, Asterisk 17.0.0 is installed from source and run as asterisk:asterisk. Basically, I initialised configuration with a make “basic-pbx”.
On the other, packaged Asterisk 16.2.1 is installed from .deb and run as asterisk:asterisk. Basically, initial configuration relies on Debian’s default config files.
On both I produced cert files with "sudo ast_tls_cert -C 192.168.1.25 -O “Foo Bar” -d /etc/asterisk/keys ".
Then I changed files ownerships and modes. In the end, I’ve got:
CLI> http show status
HTTP Server Status:
Server Enabled and Bound to 0.0.0.0:8088
/httpstatus => Asterisk HTTP General Status
/phoneprov/… => Asterisk HTTP Phone Provisioning Tool
/static/… => Asterisk HTTP Static Delivery
/ari/… => Asterisk RESTful API
/ws => Asterisk HTTP WebSocket
Sometimes, I can read in logs:
TLS/SSL error loading cert file
My question, can someone add here, the output of “ls -al /etc/asterisk/keys” and “cat /etc/asterisk/http.conf” on a system where asterisk is run by asterisk:asterisk (user and group) ?