Summary: | ASTERISK-16959: [regression] sslbindport/tlsbindport in http.conf not working | ||
Reporter: | Olaf Holthausen (oholthau) | Labels: | |
Date Opened: | 2010-11-15 07:45:55.000-0600 | Date Closed: | 2012-02-02 11:05:01.000-0600 |
Priority: | Minor | Regression? | Yes |
Status: | Closed/Complete | Components: | Core/HTTP |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ||
Description: | Dear Sirs, there should be a parameter sslbindport or tlsbindport to set the listening port for the https AMI interface. The port setting seems to disappear on Revision 190940 while transfering the setting from http.c to tcptls.c. Best regards Olaf. | ||
Comments: | By: Leonardo Cardozo Vargas (lcvleo) 2010-11-17 10:05:38.000-0600 The same problem happens at manager.conf If you enable tlsbindport parameter at manager.conf or http.conf, you can see an error message at logs telling us that this parameter is unknow. By: Andrew Latham (lathama) 2010-11-17 17:07:24.000-0600 I am trouble shooting this at the moment. I am having success with tlsbindaddr=192.168.1.2:4433 in http.conf Manager is binding to 0.0.0.0:5039 By: Andrew Latham (lathama) 2010-11-17 17:13:47.000-0600 Just tested manager.conf [general] enabled = yes webenabled = yes port = 5038 bindaddr = 192.168.1.2 tlsenable=yes tlsbindaddr=192.168.1.3 tlsbindport=5039 tlscertfile=/etc/asterisk/asterisk.pem tlsprivatekey=/etc/asterisk/asterisk.pem CLI> manager show settings Global Settings: ---------------- Manager (AMI): Yes Web Manager (AMI/HTTP): Yes TCP Bindaddress: 192.168.1.2:5038 HTTP Timeout (minutes): 60 TLS Enable: Yes TLS Bindaddress: 192.168.1.2:5039 TLS Certfile: /etc/asterisk/a TLS Privatekey: /etc/asterisk/a TLS Cipher: Allow multiple login: Yes Display connects: Yes Timestamp events: Yes Channel vars: Debug: No Block sockets: No You will also note that the output of the cert files is cut off... that is in the manager... Asterisk SVN-branch-1.8-r295078 By: Leonardo Cardozo Vargas (lcvleo) 2010-11-18 04:34:04.000-0600 [Nov 18 08:30:12] NOTICE[10881] manager.c: Invalid keyword <tlsbindport> = <5039> in manager.conf [general] Asterisk SVN-branch-1.8-r295361 By: Paul Belanger (pabelanger) 2010-11-18 08:38:24.000-0600 I've seen this locally too By: Andrew Latham (lathama) 2010-11-18 08:48:26.000-0600 I did a quick look and tested many formats. When reloading twice the configurations would be saved differently than when reloading once. The tlsbindaddr needs the port appended in http.conf but is appears to be hard coded in manager By: Andrew Latham (lathama) 2010-12-06 14:30:24.000-0600 From what I have seen in the code. The settings should be standardized across all protocols. I imagine that the configurations for IAX2 are the most advanced/correct. |