On 05.07.19 at 22:02 hw wrote: > > openssl verify -CAfile ca.pem asterisk.pem > asterisk.pem: OK > > > When I set tlsdontverifyserver=yes, it works (i. e. asterisk registers > to the SIP provider and there is no error message). Otherwise I'm > getting the error message and asterisk does not register. > > Reading the comments in sip.conf.sample, I would assume that asterisk > can not verify the certificate of the SIP provider. Yet > > > openssl s_client -connect secure.sip.easybell.de:5061
You know that you don't need an own certificate to connect via tls to the ISP? To be able to verify the certificate of the ISP, asterisk has to know the local CA database. For CentOS 7, this is /etc/pki/tls/certs/ca-bundle.crt. Regards Michael -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
