jamesmcmuffin
Intermediate Programmer.
- Joined
- Jul 22, 2018
- Messages
- 15
- Reaction score
- 1
Ive been getting this very annoying error with the setup of TLS on my incredible pbx and registering my softphone on my phone. Works fabulous! over UDP and TCP.
but i cannot get TLS working for the Life of me!
So i am offering 25$ Paypal Bitcoin You name it Ill do it. i just need tls working whatever way so if you have any information call or text me at 530-988-8631 again note. i am offering money if you can help me figure out why this isnt working.
I have self-signed openssl certificates for my server and a client and that didn't work tried let's encrypt cert and third party cert but gives same error.... "SSL ERROR SSL Handshake 337092801 process client hello no shared cipher"
i have also pointed my sip_general_additonal.conf file to the TLScertfile, TLSprivatekey and the TLScafile and i try using Zoiper or Bria and on Zoiper and Bria when i try to register i get a ERROR 503 Certification Validation Failure and on the Asterisk Verbose i get a SSL ERROR handshake no shared cipher.(as showed in picture) Any help would be greatly appreciated Thank you. I have disclosed my SIP General Additional.conf with a Picture of the main error. FIRST COME FIRST SERVED. Who ever fixes the problem first gets the money. Play fair!
Heres my "sip_general_additional.conf"
;--------------------------------------------------------------------------------;
; Do NOT edit this file as it is auto-generated by FreePBX. ;
;--------------------------------------------------------------------------------;
; For information on adding additional paramaters to this file, please visit the ;
; FreePBX.org wiki page, or ask on IRC. This file was created by the new FreePBX ;
; BMO - Big Module Object. Any similarity in naming with BMO from Adventure Time ;
; is totally deliberate. ;
;--------------------------------------------------------------------------------;
faxdetect=no
vmexten=*97
useragent=FPBX-13.0.192.19(13.22.0)
disallow=all
allow=ulaw
allow=alaw
allow=gsm
allow=g726
allow=g722
context=from-sip-external
callerid=Unknown
notifyringing=yes
notifyhold=yes
tos_sip=cs3
tos_audio=ef
tos_video=af41
alwaysauthreject=yes
limitonpeers=yes
context=from-sip-external
rtpend=20000
rtpstart=10000
tlsprivatekey=/etc/asterisk/keys/ipbx1.key
tlscertfile=/etc/asterisk/keys/ipbx1.crt
tcpenable=yes
callevents=no
bindport=5060
bindaddr=0.0.0.0
jbenable=no
notifyringing=yes
allowguest=yes
tlsbindaddr=0.0.0.0:5061
tlsdontverifyserver=yes
tlsclientmethod=tlsv1
g726nonstandard=no
srvlookup=yes
tlsenable=yes
defaultexpiry=120
videosupport=no
maxcallbitrate=384
canreinvite=no
rtptimeout=30
rtpholdtimeout=300
rtpkeepalive=0
minexpiry=60
maxexpiry=3600
registerattempts=0
registertimeout=20
notifyhold=yes
checkmwi=10
nat=force_rport,comedia
ALLOW_SIP_ANON=no
callerid=Unknown
externip=xx.xx.xxx.xxx
localnet=xx.xxx.x.x/24
localnet=xx.xxx.xxx.x/24
localnet=xxx.xx.x.x/24
language=en
Thank you. my number is above call me at anytime ill be up till this is fixed!
Error IS HERE!!!
View attachment 2163
Jake Yanta
SacTech Solutions
but i cannot get TLS working for the Life of me!
So i am offering 25$ Paypal Bitcoin You name it Ill do it. i just need tls working whatever way so if you have any information call or text me at 530-988-8631 again note. i am offering money if you can help me figure out why this isnt working.
I have self-signed openssl certificates for my server and a client and that didn't work tried let's encrypt cert and third party cert but gives same error.... "SSL ERROR SSL Handshake 337092801 process client hello no shared cipher"
i have also pointed my sip_general_additonal.conf file to the TLScertfile, TLSprivatekey and the TLScafile and i try using Zoiper or Bria and on Zoiper and Bria when i try to register i get a ERROR 503 Certification Validation Failure and on the Asterisk Verbose i get a SSL ERROR handshake no shared cipher.(as showed in picture) Any help would be greatly appreciated Thank you. I have disclosed my SIP General Additional.conf with a Picture of the main error. FIRST COME FIRST SERVED. Who ever fixes the problem first gets the money. Play fair!
Heres my "sip_general_additional.conf"
;--------------------------------------------------------------------------------;
; Do NOT edit this file as it is auto-generated by FreePBX. ;
;--------------------------------------------------------------------------------;
; For information on adding additional paramaters to this file, please visit the ;
; FreePBX.org wiki page, or ask on IRC. This file was created by the new FreePBX ;
; BMO - Big Module Object. Any similarity in naming with BMO from Adventure Time ;
; is totally deliberate. ;
;--------------------------------------------------------------------------------;
faxdetect=no
vmexten=*97
useragent=FPBX-13.0.192.19(13.22.0)
disallow=all
allow=ulaw
allow=alaw
allow=gsm
allow=g726
allow=g722
context=from-sip-external
callerid=Unknown
notifyringing=yes
notifyhold=yes
tos_sip=cs3
tos_audio=ef
tos_video=af41
alwaysauthreject=yes
limitonpeers=yes
context=from-sip-external
rtpend=20000
rtpstart=10000
tlsprivatekey=/etc/asterisk/keys/ipbx1.key
tlscertfile=/etc/asterisk/keys/ipbx1.crt
tcpenable=yes
callevents=no
bindport=5060
bindaddr=0.0.0.0
jbenable=no
notifyringing=yes
allowguest=yes
tlsbindaddr=0.0.0.0:5061
tlsdontverifyserver=yes
tlsclientmethod=tlsv1
g726nonstandard=no
srvlookup=yes
tlsenable=yes
defaultexpiry=120
videosupport=no
maxcallbitrate=384
canreinvite=no
rtptimeout=30
rtpholdtimeout=300
rtpkeepalive=0
minexpiry=60
maxexpiry=3600
registerattempts=0
registertimeout=20
notifyhold=yes
checkmwi=10
nat=force_rport,comedia
ALLOW_SIP_ANON=no
callerid=Unknown
externip=xx.xx.xxx.xxx
localnet=xx.xxx.x.x/24
localnet=xx.xxx.xxx.x/24
localnet=xxx.xx.x.x/24
language=en
Thank you. my number is above call me at anytime ill be up till this is fixed!
Error IS HERE!!!
View attachment 2163
Jake Yanta
SacTech Solutions
Last edited:
Phone System 