Hello, I’m a beginner to Asterisk and recently set up a simple PBX with UDP transport and PJSIP configuration successfully. Now I’m attempting to switch over to TLS transport and am having some issues with doing so. After following through the first half (about TLS transport) of the Asterisk Wiki …

This is due to the OpenSSL version in use. It’s wanting a larger key. You can do this by passing “-b 2048” to the ast_tls_cert utility in recent versions.

The ast_tls_cert script uses OpenSSL underneath to create it, it’s a convenient script to do a lot of the legwork of doing so. If you want to do it yourself you can.

[SOLVED] PJSIP TLS Cert Key 'Too Small'

Asterisk Asterisk SIP

Karish-ali May 11, 2020, 6:09pm 3

Okay, thank you! I’ll go ahead and try that right now. I have OpenSSL installed, would it also fix the issue if I used that to create the key?

Asterisk outbound registration using client certificates

Topic		Replies	Views
SSL error when PJSIP with Asterisk 20.01 Asterisk SIP	13	488	April 5, 2024
Transport TLS on Ubuntu 20.04 issue Asterisk SIP	2	1251	February 1, 2022
[solved] SIP/TLS certificate error Asterisk Support	2	5536	May 6, 2014
[SOLVED] Error when I try to enable the TLS transport in PJSIP Asterisk Asterisk SIP	2	3093	January 18, 2019
TLS error EE certificate key too weak Asterisk SIP	4	3380	September 16, 2022

[SOLVED] PJSIP TLS Cert Key 'Too Small'

Related topics