On Fri, 2025-10-10 at 12:21 +0200, didier gaumet wrote: > Le 10/10/2025 à 10:47, hw a écrit : > > Hi, > > > > does the version of asterisk in Debian not have the option > > 'allow_wildcard_certs'? > > > > When I try to use it in a transport, asterisk says it can't retrieve the > > transport. > > Hello, > > Unless you are talking about Debian Unstable (Sid), there is no more > Asterisk package in Debian, the last one was for Debian 11 Bullseye (1). > In Sid Asterisk 22 is packaged, so since the feature you mentioned has > been introduced in Asterisk 20 (2), it should work in Sid, provided you > set it up as advised in (2).
Oh --- I thought it's Debian, but it's actually Fedoras version, sorry. That would be 18.12.1 --- which probably should have the option as it shows up in the documentation for version 16[a]. Maybe I'm doing it wrong somehow in pjsip.conf? The documentation never tells you where to put what :( [wildcards] type=transport protocol=tls bind=[IPv4 address of server] verify_server=yes allow_wildcard_certs=yes ca_list_file=/etc/pki/tls/certs/ca-bundle.crt cert_file=/etc/asterisk/cert/fullchain.pem priv_key_file=/etc/asterisk/cert/privkey.pem method=tlsv1_2 With allow_wildcard_certs, it can't retrieve the transport. One of the VOIP providers is using a certificate that has a wildcard in it and isn't even issued for the right server fqdn. I told them they need a new certificate, but perhaps I can get it to work (probably not because it's for the wrong server anyway). [a]: https://docs.asterisk.org/Asterisk_16_Documentation/API_Documentation/Module_Configuration/res_pjsip/#endpoint-endpoint > (1) > https://packages.debian.org/search?keywords=asterisk&searchon=names&exact=1&suite=all§ion=all > (2) > https://docs.asterisk.org/Asterisk_20_Documentation/Upgrading/#res_pjproject -- Bislang noch nicht verboten: Einigkeit und Recht und Freiheit für das deutsche Vaterland!
