Private key problem

Hi, i have https bounded so certificates should be good. But when i try call from webrtc client, console give this error

 res_rtp_asterisk.c:1888 create_certificate_from_file: Failed to read private key from PEM file '/etc/asterisk/keys/fullchain.pem'

my http config

[general]
enabled=yes
tlsenable=yes
tlsbindaddr=167.172.167.91:8089
bindaddr=167.172.167.91 ; Replace this with your IP address
bindport=8088 ; Replace this with the port you want to listen on
tlscertfile=/etc/asterisk/keys/fullchain.pem
tlsprivatekey=/etc/asterisk/keys/privkey.pem

my sip config

[general]
context=internal
allowguest=no
allowoverlap=no
bindport=5060
bindaddr=0.0.0.0
srvlookup=no
disallow=all
allow=ulaw
alwaysauthreject=yes
canreinvite=no
nat=yes
session-timers=refuse
localnet=167.172.167.91/255.255.255.0

[999]
type=friend
username=999 ; The Auth user for SIP.js
host=dynamic ; Allows any host to register
secret=999 ; The SIP Password for SIP.js
encryption=yes ; Tell Asterisk to use encryption for this peer
avpf=yes ; Tell Asterisk to use AVPF for this peer
icesupport=yes ; Tell Asterisk to use ICE for this peer
context=internal ; Tell Asterisk which context to use when this peer is dialing
directmedia=no ; Asterisk will relay media for this peer
transport=udp,ws,wss ; Asterisk will allow this peer to register on UDP or WebSockets
force_avp=yes ; Force Asterisk to use avp. Introduced in Asterisk 11.11
dtlsenable=yes ; Tell Asterisk to enable DTLS for this peer
dtlsverify=fingerprint ; Tell Asterisk to verify DTLS fingerprint
dtlscertfile=/etc/asterisk/keys/fullchain.pem ; Tell Asterisk where your DTLS cert file is
dtlssetup=actpass ; Tell Asterisk to use actpass SDP parameter when setting up DTLS
rtcp_mux=yes ; Tell Asterisk to do RTCP mux

[1000]
type=friend
host=dynamic
secret=47944614
context=internal

Can anyone help? Thanks!

This is quite a frequently asked question recently, and, if people have resolved it, they haven’t told us what the problem was.

For as start, using OpenSSL to confirm the key is in the file. Also check that all the directories leading up to the file are owned by root or user running asterisk, and do not have write permission for anyone else but are executable by the user running asterisk, and that the file itself is owned by the user running asterisk, and doesn’t have write or read permission for anyone else.