SSL problems (Handshake)

Hello i’m trying to give acces via wss to Odoo and i think i’ve everythin up & running except the cert problems.
Steps i follow :

  1. Tutorial from asterisk to setup tls/wss
  2. Create certificates with the ast_tls_cert and having the .pem .crt .key files




tlsenable=yes          ; enable tls - default no.
tlsbindaddr=    ; address and port to bind to - default is bindaddr and port 8089.
tlscertfile=/etc/asterisk/keys/asterisk.pem  ; path to the certificate file (*.pem) only.
;tlsprivatekey=/etc/asterisk/keys/asterisk_key.pem    ; path to private key file (*.pem) only.

Here the tutorial seems to be not very clear as it requires in the key private a .pem file but the script does not create one.
Am i missing something there?

And when trying to connect through using
i’m getting in the console this errors
WARNING[21949]: pjproject: <?>: | SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <337625269> len: 0 peer:|
WARNING[21949]: pjproject: <?>: | SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <337625269> len: 0 peer:|

Also my local chrome have connection to it…

The error shown when i try an external connection:

Can someone helps me with this?


In your echo attempt you were using port 5061 instead of 8089. You can’t connect to port 5061 as that is for SIP TLS, not HTTPS Websocket.

But if i change to port 8089, i’ve no answer to my asterisk.

Can you point me out what i’m doing wrong?

You’ll need to be more specific about what exactly you are wanting to do, what you’ve tried, and what you are expecting.

I’m trying to connect Odoo which uses a wss://<ip_adrr>:<_port>/ws to connect to asterisk, but with no luck.
Internally everything works fine with calling extensions and also external connections with 3cx softphones to asterisk.
I think that my mistake is about the ssl certificates as i pointed above with the 2 .pem files required

Is the certificate self signed? Does Odoo allow self signed certificates? What does it say when you try? Did you use the 8089 port and address? I should also add that I don’t believe Odoo has ever been tested against Asterisk over websockets.

i create them following

To test the connection to wss://…/ws i use with the port 8089 but no reply from asterisk. If i change to 5061 the console replies with the handshake error.

On connection Asterisk wouldn’t send anything. If it connected, then the websocket was successfully established.

Thanks for your reply jcolp.
Answering your questions :

Is the certificate self signed?
The certificate is self signed, yes

Does Odoo allow self signed certificates?
It does

Did you use the 8089 port and address?
Yes i did, and this is the reply when i try it.

ERROR[21323]: tcptls.c:157 handle_tcptls_connection: Unable to set up ssl connection with peer '<ip_addr>:18994
iostream.c:538 ast_iostream_close: SSL_shutdown() failed: error:00000001:lib(0):func(0):reason(1), Internal SSL error
ERROR[21324]: iostream.c:633 ast_iostream_start_tls: Problem setting up ssl connection: error:00000001:lib(0):func(0):reason(1), Internal SSL

What TLS version does Odoo support? What ciphers? Does it give you any indication of a problem? What version of OpenSSL is in use?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.