00:04.24 | *** join/#asterisk justdave (~dave@unaffiliated/justdave) |
00:05.18 | *** join/#asterisk matrix1233 (~matrix123@41.230.103.93) |
00:16.24 | *** join/#asterisk bhans (ddfd4592@gateway/web/freenode/ip.221.253.69.146) |
01:08.27 | *** join/#asterisk jzaw (~jzaw@community-wifi.dzki.co.uk) |
01:16.34 | *** join/#asterisk netman (~netman@185.94.249.77) |
02:13.49 | *** join/#asterisk celer (~celer@123.111.234.170) |
02:31.31 | *** join/#asterisk clopez (~tau@neutrino.es) |
02:54.32 | *** join/#asterisk fstd_ (~fstd@unaffiliated/fisted) |
03:58.21 | *** join/#asterisk matrix1233 (~matrix123@41.230.103.93) |
04:22.33 | *** join/#asterisk FarhaadN (~Farhad@82.99.206.194) |
04:23.18 | FarhaadN | why my extention show me status InUse? |
04:23.37 | FarhaadN | in core show channels, there is no channel for this extention |
04:34.47 | *** join/#asterisk UncleKiwi (~UncleKiwi@unaffiliated/unclekiwi) |
04:40.00 | *** part/#asterisk FarhaadN (~Farhad@82.99.206.194) |
04:43.23 | UncleKiwi | hi, whats the best way to put in place a pin code required to make a call |
05:01.13 | *** join/#asterisk FarhaadN (~Farhad@82.99.206.194) |
05:01.55 | FarhaadN | no one can't help me? |
05:02.58 | voipmonk | try during the day , use Pacific or Eastern time as a base |
05:04.00 | FarhaadN | voipmonk: me? |
05:04.05 | voipmonk | yes |
05:04.17 | voipmonk | your lovely light issue |
05:04.19 | voipmonk | :) |
05:04.20 | FarhaadN | not for all extensions |
05:04.39 | FarhaadN | some extension ,random time , change status to InUse |
05:05.28 | FarhaadN | but no channel for this |
05:06.15 | FarhaadN | re register , solved problem |
05:07.45 | *** join/#asterisk miralin (~Thunderbi@178.34.160.48) |
05:08.25 | *** join/#asterisk bof22 (~Thunderbi@185.13.183.107) |
05:11.07 | FarhaadN | voipmonk: no idia? |
05:13.45 | drmessano | lol |
05:14.38 | FarhaadN | helpm me please? |
05:25.03 | Penguin | unclekiwi: You can use Read(), GotoIf(), and DISA(). |
05:26.04 | Penguin | Or simply Read() and GotoIf(). Forget about DISA() -- it isn't needed for that. |
05:28.28 | FarhaadN | Penguin: can u help me? |
05:29.31 | Penguin | unclekiwi: There is also Authenticate() if you like it. |
05:34.04 | UncleKiwi | Penguin: thank you |
05:45.45 | *** join/#asterisk KValchev (~KValchev@ns.atsoftconsult-bg.com) |
05:47.06 | *** join/#asterisk matrix1233 (~matrix123@197.0.194.197) |
06:04.51 | *** join/#asterisk miralin (~Thunderbi@195.19.212.23) |
06:09.08 | *** join/#asterisk babak (uid19622@gateway/web/irccloud.com/x-qmjfuwlhqcciieba) |
06:53.05 | *** join/#asterisk creativx (~ntttt@226.62-97-205.bkkb.no) |
06:54.20 | *** join/#asterisk pchero_work (~pchero@109.70.54.56) |
06:54.39 | *** join/#asterisk hehol (~hehol@gatekeeper.loca.net) |
06:58.06 | *** join/#asterisk tzafrir (~tzafrir@local.xorcom.com) |
07:03.45 | *** join/#asterisk AviiNL (~AviiNL@185.21.52.255) |
07:08.55 | *** join/#asterisk CeBe (~CeBe@a81-14-235-90.net-htp.de) |
07:09.00 | *** join/#asterisk bof23 (~Thunderbi@185.13.182.47) |
07:12.35 | *** join/#asterisk davlefou (~davlefou@unaffiliated/davlefou) |
07:27.13 | *** join/#asterisk jkroon (~jkroon@uls-154-73-35-201.wall.uls.co.za) |
07:28.50 | *** part/#asterisk FarhaadN (~Farhad@82.99.206.194) |
07:35.53 | *** join/#asterisk matrix1233 (~matrix123@197.0.194.197) |
07:42.38 | *** join/#asterisk apb1963 (~apb@107-146-220-94.res.bhn.net) |
07:52.42 | apb1963 | First, I get these endless messages: "[2016-08-22 00:48:28] WARNING[1589]: res_xmpp.c:3633 xmpp_client_thread: JABBER: socket read error". So I guess GV is dead, since I've been getting those for at least 6 weeks now. However, rumor has it (according to the pidgin mailing list) that google hangouts uses XMPP. Anyone know how to setup asterisk to use hangouts in place of GV? |
07:53.39 | *** join/#asterisk Haris (~haris@unaffiliated/haris) |
07:54.15 | apb1963 | This is the the message I saw: If you want to use Hangouts over XMPP, you'll need to enable "less-secure apps" settings in your Google security settings, otherwise you can switch to the Hangouts plugin at https://bitbucket.org/EionRobb/purple-hangouts which uses OAuth to login. |
08:02.01 | apb1963 | Oh and if anyone knows how to shutoff those warnings, I'd appreciate it. I've tried both core set debug 0 and core set verbose 0, as well as xmpp in place of core. No joy. |
08:04.22 | *** join/#asterisk tsia (~Thunderbi@2001:a61:4017:1001:1874:6b4:9826:7463) |
08:04.29 | Haris | is there a way to check syntax ? |
08:08.12 | Haris | I added tlsenable=yes, tlsbindaddr=0.0.0.0:8089, tlscertfile=<path/to/file.crt>, tlsprivatekey=</path/to/file.key>, yet when I run asterisk -rvvvv http show status, asterisk is not listening on tls port. what did I miss ? |
08:08.29 | Haris | this is in http.conf for version 13 |
08:12.00 | *** join/#asterisk sekil (~sekil@nat-73.net011.net) |
08:20.40 | Samot | Why are you putting that information in http.conf? |
08:21.56 | Samot | Oh that's right.. |
08:24.01 | *** join/#asterisk Chainsaw (~chainsaw@gentoo/developer/chainsaw) |
08:24.05 | Samot | Haris: Show your actual httpd.conf file |
08:24.24 | Samot | Haris: Show what is listening: netstat -nl |
08:24.26 | Samot | ~pb |
08:24.26 | infobot | from memory, pastebin is a web-based service where you should paste anything over 3 lines so you don't flood the channel. Here are links to a few: http://pastebin.ca, http://channels.debian.net/paste, http://paste.lisp.org, http://bin.cakephp.org/; or install pastebinit with yum or aptitude. |
08:26.35 | *** join/#asterisk cranq (~crank@107.161.164.124) |
08:50.59 | *** join/#asterisk frvalent (~frvalent@pcitcsasterisk.cern.ch) |
09:08.11 | *** join/#asterisk tuxd00d (~tuxd00d@ip68-106-11-24.ph.ph.cox.net) |
09:08.32 | *** join/#asterisk matrix1233 (~matrix123@197.0.194.197) |
09:18.15 | Samot | Of course. |
09:23.24 | *** join/#asterisk Chainsaw (~chainsaw@gentoo/developer/chainsaw) |
09:34.59 | Haris | ok |
09:35.34 | *** join/#asterisk tzafrir (~tzafrir@local.xorcom.com) |
09:43.08 | Haris | http://pastebin.ca/3703182 |
09:43.59 | *** join/#asterisk friedrich (~friedrich@aextron.de) |
09:44.14 | Haris | is there a keyword to add ca-bundle cert to ssl cert in asterisk http.conf ? |
09:44.18 | Haris | I don't know the keyword |
09:44.34 | Haris | tlscacertfile ? |
09:44.39 | TandyUK | asterisk http conf? |
09:44.46 | TandyUK | you mean apache http conf? |
09:46.37 | TandyUK | check out /usr/share/doc/asterisk<ver>/configs/http.conf.sample |
09:47.44 | *** join/#asterisk u0m3 (~u0m3@5-12-136-175.residential.rdsnet.ro) |
09:48.59 | *** join/#asterisk Svedrin (svedrin@elwing.funzt-halt.net) |
09:51.03 | *** join/#asterisk Rasputin3711 (~Rasputin3@87.255.254.66) |
09:56.06 | Samot | You're missing a setting. |
09:57.54 | Samot | You might want enablestatic=yes |
10:03.21 | *** join/#asterisk eofster (~eofster@213.61.153.26) |
10:04.52 | *** join/#asterisk Tiffon (~name@unaffiliated/tiff0n) |
10:07.16 | Haris | hmm |
10:07.46 | Haris | I left this one out actually |
10:08.45 | Haris | added this setting. restarted asterisk. its still only listening on http port |
10:09.17 | Haris | I don't understand why its giving this error ----> [Aug 22 15:05:03] ERROR[2831] tcptls.c: TLS/SSL error loading cert file. <</etc/asterisk/ssl/sipserver.finpay.pk.crt> |
10:09.57 | Samot | tlscertfile=</etc/asterisk/ssl/sipserver.finpay.pk.crt |
10:10.01 | Samot | That would be why |
10:10.06 | Samot | You have < in both settings. |
10:11.12 | Haris | I saw it in sample config in comments in http.conf |
10:11.20 | Samot | That's wrong. |
10:11.36 | Samot | You're telling it the path to the cert is </etc/asterisk/ssl |
10:11.41 | Haris | great. that was the thing. now its also listening on tls port |
10:11.50 | Haris | hmm |
10:12.30 | Samot | Do you actually have ws calls working? |
10:14.00 | Haris | not tested yet |
10:16.55 | *** part/#asterisk creativx (~ntttt@226.62-97-205.bkkb.no) |
10:18.14 | Samot | I thought thats what you were doing like a week ago? |
10:20.47 | Haris | nope. been working on other stuff in between |
10:21.09 | Haris | stupid Q: is http/https port for ws to be accessed over tcp or udp |
10:22.24 | Samot | Well considering that HTTP and HTTPS is TCP. |
10:22.52 | Samot | But WSS is TCP as well. |
10:26.01 | *** join/#asterisk Haris (~haris@unaffiliated/haris) |
10:30.37 | Haris | how does one add ca-cert to the ssl file in config ? |
10:30.50 | Haris | centossipserver*CLI> |
10:30.51 | Haris | [Aug 22 15:30:17] ERROR[3230]: tcptls.c:609 handle_tcptls_connection: Problem setting up ssl connection: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request |
10:30.51 | Haris | [Aug 22 15:30:17] WARNING[3230]: tcptls.c:684 handle_tcptls_connection: FILE * open failed! |
10:34.37 | Samot | Same as always, tlscafile= |
10:36.34 | Samot | You have all the TLS stuff setup in sip.conf, correct? |
10:48.16 | Haris | hmm |
10:48.19 | Haris | don't think so |
10:48.29 | Haris | I still have to config this box largely |
10:48.50 | Haris | Correction: Largely, I still have to config this box |
10:50.49 | Haris | [Aug 22 15:49:56] WARNING[3294] http.c: Ignoring unknown option 'tlscafile' in http.conf |
10:53.38 | Samot | Well I thought that might work. |
10:55.37 | Samot | Ahhh... |
10:55.46 | Samot | The mini HTTP server only wants .pem files. |
10:55.52 | Samot | Not .crt or .key files. |
10:56.01 | Samot | So you would generate the crt and the ca in the .pem file. |
10:56.40 | Samot | Did you even look at the sample file as the Wiki suggested? |
10:57.00 | TandyUK | i even told him where to find it |
11:03.34 | *** join/#asterisk _boot (~boot@unaffiliated/boot/x-1140682) |
11:07.26 | Haris | not yet |
11:08.03 | Haris | path /usr/share/doc/asteri... does not exist |
11:08.08 | Haris | on centos 6.8 |
11:10.13 | Samot | http://doxygen.asterisk.org/trunk/http.conf.html |
11:10.24 | Samot | Luckily it hasn't changed much over versions. |
11:10.35 | TandyUK | Haris: /usr/local/share/....? |
11:10.48 | TandyUK | not sure where centos puts its docs |
11:10.59 | Haris | this asterisk 13 install is from source |
11:11.08 | TandyUK | well its in your source dir then |
11:11.20 | Haris | this url is showing what I have in /etc/asterisk/http.conf |
11:11.42 | TandyUK | yeah same file then |
11:12.14 | TandyUK | it shows you needing to use a .pem file and how to create one |
11:12.26 | TandyUK | you need to convertyour existing cert, key and cabundle into a .pem file |
11:12.42 | TandyUK | then give that file to asterisk |
11:13.28 | Samot | Haris: No. |
11:13.35 | Samot | Haris: You do not have .pem files. |
11:13.47 | Haris | yep, I know |
11:13.47 | Samot | Which is the only format the Mini-HTTP server will accept. |
11:14.03 | Haris | I'm checking on how to create it |
11:14.03 | Samot | As explained in that sample document. |
11:15.09 | *** join/#asterisk newtonr (~newtonr@173-21-146-94.client.mchsi.com) |
11:15.09 | *** mode/#asterisk [+o newtonr] by ChanServ |
11:15.41 | *** join/#asterisk chuckf_ (~chuckf@pool-108-45-91-234.washdc.fios.verizon.net) |
11:18.16 | Haris | is this ( https://www.digicert.com/ssl-support/pem-ssl-creation.htm ) correct method for pem file creation ? |
11:18.34 | TandyUK | at a guess, yes |
11:25.45 | _boot | Hi all, I've got TLS working for SIP but I'm trying to enable SRTP, got encryption=yes on asterisk and I'm using baresip with mediaenc set to SRTP. Whenever I try to make a call I get a 488 Not Acceptable Here. i see some kind of crypto stuff in the sdp message, but i don't know what's going on. Can anyone see my mistake? sip debug log at http://pastebin.com/Mp5chfBj |
11:26.25 | *** join/#asterisk tparcina (~tomo@212.92.200.41) |
11:35.12 | Samot | That generally means there were no matching codecs between the two endpoints. |
11:35.22 | Samot | I.e. Asterisk and your softphone. |
11:41.35 | Haris | [Aug 22 16:40:55] ERROR[4292] tcptls.c: TLS/SSL error loading private key file. </etc/asterisk/ssl/sipserver.finpay.pk.key> |
11:43.27 | file | _boot, that is optional SRTP which is not supported by chan_sip |
11:52.24 | Haris | [Aug 22 16:52:03] ERROR[4448] tcptls.c: TLS/SSL error loading private key file. </etc/asterisk/ssl/sipserver.finpay.pk.key.pem> |
12:06.24 | TandyUK | Haris: thats an error with your cert/pem file |
12:16.03 | _boot | Samot: but it works with encryption off |
12:16.30 | Samot | OK. Do you have it set to do SRTP? |
12:17.03 | _boot | file: ...i'm not sure i follow, why doesn't chan_sip support srtp with encryption=yes? |
12:17.13 | file | it supports required SRTP |
12:17.20 | file | but the offer it received was for OPTIONAL SRTP |
12:17.26 | _boot | oh right, okay |
12:17.30 | file | which is not supported in chan_sip, it is however supported in chan_pjsip |
12:17.33 | _boot | why is that even a thing |
12:17.34 | Samot | Haris: Why are you showing us something that we told you to fix already? |
12:18.05 | *** join/#asterisk [TK]D-Fender (~joe@216-191-106-165.dedicated.allstream.net) |
12:18.08 | Samot | Haris: Show your http.conf file. |
12:18.10 | Samot | ~pb |
12:18.10 | infobot | pastebin is, like, a web-based service where you should paste anything over 3 lines so you don't flood the channel. Here are links to a few: http://pastebin.ca, http://channels.debian.net/paste, http://paste.lisp.org, http://bin.cakephp.org/; or install pastebinit with yum or aptitude. |
12:18.31 | _boot | file: how do you tell from the logs that it is optional srtp and not required? |
12:18.44 | file | _boot, it is using "RTP/AVP" instead of "RTP/SAVP" |
12:18.57 | _boot | ah okay, cheers I'll take a look at my client config |
12:19.02 | file | RTP/AVP + crypto = optional, RTP/SAVP + crypto = required |
12:19.26 | _boot | cool |
12:22.30 | _boot | okay, so I found the option to use required srtp and I'm now seeing m=audio 41836 RTP/SAVP 9 0 8 3 101 |
12:23.40 | _boot | ...but still getting the 488 Not Acceptable Here, http://pastebin.com/AqWEihj7 - is sip debug log all i should be looking at here or should I be enabling something more? |
12:24.29 | *** join/#asterisk SeiGGy (~zway@74.203.105.194) |
12:30.03 | file | that's the extent of what chan_sip would tell you, nothing else springs to mind over why it wouldn't be accepting it |
12:31.54 | _boot | i'm gonna restart asterisk again just to be safe |
12:38.37 | Haris | hold please |
12:39.37 | _boot | could it be Asterisk not supporting the cipher? |
12:54.06 | *** join/#asterisk Khronos (~Khronos@72-238-4-152.res.bhn.net) |
12:55.24 | Haris | my http.conf is unchanged, accept for the filename for tlscertfile and tlsprivatekey |
12:55.43 | Haris | http://pastebin.ca/3703255 |
12:56.06 | Haris | accept = except |
12:56.22 | Haris | tried to create .pem file manually |
12:56.34 | Haris | perhaps I miss-ordered content in the .pem file |
13:02.10 | *** join/#asterisk acidfu_ (~acidfoo@modemcable002.114-70-69.static.videotron.ca) |
13:33.17 | *** join/#asterisk tzafrir (~tzafrir@local.xorcom.com) |
13:38.35 | *** join/#asterisk tparcina (~tomo@212.92.200.41) |
13:41.48 | *** join/#asterisk pppingme (~pppingme@unaffiliated/pppingme) |
13:41.52 | *** join/#asterisk tirej (~errorist_@95.9.123.3) |
13:41.56 | tirej | hi everyone |
13:42.36 | tirej | guys , do you know mirtapbx ? |
13:42.44 | tirej | what is this mirtapbx exactly ? |
13:43.11 | tirej | can i develop such as system with asterisk ? and how ? |
13:45.37 | tirej | is there any open source interface for asterisk ? |
13:48.02 | TandyUK | i thought asterisk was open source |
13:48.09 | TandyUK | you doewnload the source, and off you go |
13:48.41 | tirej | yeah, it's |
13:48.54 | tirej | but i am looking for an interface for it |
13:49.05 | _boot | is freepbx or something an Asterisk frontend? |
13:49.06 | tirej | i've no experience with asterisk |
13:49.15 | tirej | _boot, yeah |
13:49.20 | TandyUK | there are many interfaces whcih just wrap around asterisk |
13:49.27 | TandyUK | freepbx is an example |
13:49.45 | TandyUK | all they do is build config files for you |
13:49.54 | _boot | my interface is vim + head slamming on the desk |
13:50.09 | TandyUK | maybe wanna replace that last part :P |
13:50.19 | TandyUK | i use scopserv.com but thats definitely not free |
13:50.25 | _boot | head hurt good |
13:50.39 | TandyUK | tbf, vim causes that for me on its own |
13:50.43 | TandyUK | no need to bang head on desk |
13:51.27 | tirej | i see, but i need to provide an interface for end user |
13:51.42 | tirej | a web gui |
13:52.45 | tirej | has anyone used freepbx ? |
13:54.20 | TandyUK | i dont think free ones of those exist |
13:54.31 | TandyUK | all the guis we are talking about are for the pbx server admin to use, not lusers |
13:54.54 | TandyUK | scopserv has components which und users can use, but certainly not all of it |
13:55.05 | TandyUK | all they get are the stats/cdr reporting |
13:55.11 | wyoung | hey gang! |
13:55.25 | TandyUK | and basic management (agent login/off, hotdesking, call pickup, etc) |
13:56.15 | tirej | TandyUK, by end-user i mean the administrator not the system administrator |
13:57.11 | tirej | but* |
13:57.16 | craigify | tirej, I know freePBX, yes |
13:57.32 | craigify | tirej, I've also talked to the creator of MirthaPBX looking to use it for a project |
13:57.37 | craigify | MirtaPBX |
13:57.45 | craigify | oops |
13:57.58 | tirej | craigify, yeah ? |
13:58.27 | craigify | asterisk is a software platform for making PBXs |
13:58.41 | craigify | there are other products that are ready to use PBXes |
13:58.44 | craigify | based on asterisk |
13:59.09 | craigify | freepbx is open source, has their own support system, and web user interface |
13:59.56 | tirej | i see, so asterisk has an DB or config files and these interfaces (mirtapbx, freepbx ) are just manager? |
13:59.57 | tirej | right ? |
13:59.59 | craigify | MirtaPBX is a modern development. It's multi tenant, where FreePBX is not, plus internally without getting into implementation details, it is designed completely different |
14:00.27 | craigify | that's basically correct |
14:00.32 | somepoortech | sangoma is also working on making the free parts of freepbx less free |
14:00.39 | tirej | craigify, i see |
14:00.42 | *** join/#asterisk KaliLinuxGR (~alexandro@unaffiliated/kalilinuxgr) |
14:01.11 | tirej | craigify, we are using mirtapbx at the company currently but we'd like to built our own |
14:02.22 | craigify | tirej, start learning then :) |
14:02.40 | tirej | craigify, of course, that's why i am here : ) |
14:02.46 | craigify | what are you doing to do with it? |
14:03.05 | tirej | voip |
14:03.11 | TandyUK | really? |
14:03.12 | *** join/#asterisk mjordan (mjordan@nat/digium/x-cdvreuyumiqnkxrw) |
14:03.12 | *** mode/#asterisk [+o mjordan] by ChanServ |
14:03.22 | craigify | lol |
14:03.25 | tirej | TandyUK, not me but my firm yeah |
14:03.30 | TandyUK | and there was me thinking asterisk was for desktop publishing :P |
14:03.31 | tirej | : ) |
14:03.39 | craigify | I thought you'd build a horse race prediction algorithym |
14:03.47 | tirej | haha |
14:04.18 | _boot | mine functions as a fart machine |
14:04.20 | TandyUK | or build a coffee machine |
14:04.28 | TandyUK | dial 3 to add sugar ;) |
14:04.32 | wyoung | craigify: $100 on farlap |
14:04.44 | tirej | :) |
14:05.16 | craigify | heh |
14:06.05 | wyoung | I never said my prediction algorithm was any good :P |
14:06.59 | craigify | tirej, look into Adhearsion. Or you could even roll your own with nodeJS and some libraries |
14:07.15 | craigify | or you could go with asterisk dialplan plus AGI scripts |
14:07.42 | craigify | kind of depends on the scope of what you're doing |
14:07.58 | craigify | dialplan plus AGI scripts might get a bit unruly for large projects |
14:09.01 | craigify | if you don't know shit about Asterisk, get Asterisk: The Definitive Guide, third edition. I think that's the latest edition |
14:09.02 | craigify | BUT |
14:09.08 | craigify | it doesn't cover new stuff in Asterisk 13 |
14:09.15 | craigify | like PJSIP |
14:09.47 | tirej | i see |
14:10.11 | craigify | I just started working on PJSIP |
14:10.45 | craigify | not working on it, working on getting it set up to eventually move to it |
14:11.26 | tirej | craigify, actually i'd like to build similar to mirtapbx |
14:11.42 | tirej | to be honest the company wants me to build one like mirtapbx |
14:12.08 | *** join/#asterisk rmudgett (rmudgett@nat/digium/x-zytitxnezmzediao) |
14:13.28 | craigify | why? |
14:13.50 | *** join/#asterisk SeiGGy (~zway@74.203.105.194) |
14:15.53 | tirej | craigify, having issues with mirtapbx and it's support and to be more flexible about changes |
14:16.15 | tirej | and also to have their own brand shiny precious pbx interface i guess : ) |
14:16.49 | craigify | look at freepbx or asterisknow |
14:17.16 | *** join/#asterisk tsia (~Thunderbi@2001:a61:4017:1001:1874:6b4:9826:7463) |
14:18.11 | tirej | craigify, asterisknow comes with freepbx gui right ? |
14:19.53 | craigify | http://www.asterisk.org/downloads/asterisknow |
14:20.01 | craigify | yep |
14:21.26 | *** join/#asterisk putnopvut (putnopvut@asterisk/master-of-queues/mmichelson) |
14:21.26 | *** mode/#asterisk [+o putnopvut] by ChanServ |
14:21.28 | tirej | craigify, thanks for the guidance |
14:21.29 | craigify | think about the task of writing a complete pbx..... |
14:21.42 | *** join/#asterisk u0m3_ (~u0m3@89.120.204.99) |
14:21.50 | craigify | unless you have a specific reason to do so |
14:21.50 | tirej | really heplful it was |
14:21.54 | craigify | yw |
14:21.55 | *** join/#asterisk kharwell (kharwell@nat/digium/x-adqianqzyugcnlha) |
14:22.42 | tirej | i guess, we'll write from scratch base on asterisk |
14:23.06 | tirej | thats what i can predict from now |
14:23.40 | *** join/#asterisk cresl1n (Adium@asterisk/libpri-and-libss7-expert/Cresl1n) |
14:23.55 | *** mode/#asterisk [+o cresl1n] by ChanServ |
14:26.29 | *** join/#asterisk tsia (~Thunderbi@2001:a61:4017:1001:1874:6b4:9826:7463) |
14:27.02 | tirej | craigify, adhearsion is looks good ! |
14:28.21 | tirej | *looks |
14:28.34 | TandyUK | not asterisk, but check out kazoo too |
14:28.42 | TandyUK | whistle / kazoo |
14:28.48 | TandyUK | whatever theyre callign it now |
14:29.01 | TandyUK | its a clustered freeswitch/kamalio based setup |
14:29.14 | TandyUK | much more resiliant than a single asterisk node, and what im planning to move to long term |
14:30.17 | tirej | TandyUK, would be awesome to have clustered structure |
14:30.37 | TandyUK | indeed |
14:30.47 | TandyUK | thats my biggest problem with asterisk tbh |
14:31.06 | TandyUK | a server dying mid call should not cut off the call, it should just automagically reroute t oa different node |
14:31.26 | TandyUK | completely transparently to the caller/callee, as happens in a freeswitch cluster |
14:31.46 | TandyUK | currently we just have active/passive asterisk nodes |
14:31.58 | tirej | i hate php |
14:32.14 | TandyUK | anythign thats not active/active isnt good for a HA setup |
14:32.24 | TandyUK | php rocks |
14:32.43 | Kobaz | TandyUK: you can do survivable units with asterisk. use reinvites |
14:32.48 | tirej | TandyUK, you are right about everything that you said except php : ) |
14:33.12 | Kobaz | TandyUK: but anything that involves actually handling the call directly, like call recording and/or bridging, you'll be out of luck with just about any system |
14:33.41 | Kobaz | you could get away with call recording via traffic sniffing and have that part be passive, but you're still left with bridging |
14:34.24 | TandyUK | why do you need to bridge? |
14:34.31 | Kobaz | meetme or etc |
14:35.00 | Kobaz | and then if you're using any kind of application server, short of having something like vmware with full system mirroring, then that'll be an issue as well |
14:35.16 | TandyUK | we do use vmware, with fault tolerant nodes |
14:35.24 | TandyUK | so hardware failure is a non issue |
14:36.41 | tirej | TandyUK, so how do you manage incoming calls if the active node goes down ? |
14:40.19 | tirej | i'll be back in 12h-16h,see you guys, |
14:45.23 | TandyUK | tirej: thats the point, they die |
14:45.31 | TandyUK | passive node takes over, for when they retry |
14:51.35 | edong23 | Kobaz: yeah, i do that with kvm |
14:51.40 | edong23 | the system mirroring thing |
14:51.50 | edong23 | there is a blip when a server goes down, the the call stays up |
14:56.01 | edong23 | i have a question that does involve asterisk... but i suspect might end up being a sysadmin question. but thus far seems to only affect my asterisk installation. A while back i asked a question about audio dropping out on my installation. i finally was able to debug it in a maintenance window with no other traffic.. and, it is odd. The rtp stream in tcpdump just stops. the server still receives arps from other systems on the network, but.. |
14:56.01 | edong23 | <PROTECTED> |
14:56.13 | edong23 | putting entries in the host files fixes the issue |
14:56.38 | edong23 | but im trying to figure out why that is even an issue... the server is defined in sip.conf with the ip and name... why would the rtp stream care? |
14:58.38 | file | the RTCP code was doing a lookup needlessly instead of caching the result, so if the local hostname was not in /etc/hosts it could impact media |
14:58.48 | file | a fix has gone in and will be in the next release to resolve it |
14:59.14 | edong23 | file: that is a fair answer.. |
14:59.19 | edong23 | can i ask how long that code has been in there? |
14:59.33 | edong23 | because this affected me in asterisk 11.2 and now in current |
14:59.38 | file | awhile, but it's only applicable to 13+ |
14:59.51 | file | that specific case at least |
15:00.09 | edong23 | hm... i will say my issue got worse after upgrading to 13.x |
15:00.21 | edong23 | but it was indeed doing this on my 11.2 installs... |
15:00.40 | file | it was likely a different path |
15:01.26 | edong23 | a different path/ |
15:01.27 | edong23 | ? |
15:01.50 | file | the code which was just fixed doesn't exist in 11, so if the same issue occurred it was likely caused by something else |
15:01.53 | file | thus a different path |
15:02.13 | edong23 | file: most likely |
15:02.38 | edong23 | i didnt debug the 11 version when the issue occured |
15:04.48 | edong23 | file: here is the full birdseye view |
15:05.04 | wyoung | hi |
15:05.20 | file | a birdseye doesn't really help for this, it'd need a backtrace from the running process to see where it is stuck |
15:06.15 | edong23 | i had a sangoma card that started throwing an error on the echo canceller module. i had some issues with audio then on 11.2, but it was random at best. So i bought a new card, and replaced that server with a new server ( for other reasons) and also upgraded to 13. Then the problem was worse. and then i debuged and found the rtp stream lockup waiting for dns. |
15:06.36 | edong23 | so maybe i had a different problem in 11, possibly related to that card. and now im on 13 and have this issue |
15:08.42 | edong23 | file: true, but either way, you described exactly what im seeing in this situation, and a hostfile entry works. i just didnt want to bandaid somethign without knowing what was causeing it. the most important question is why did my dns server take so long to respond. but ill dig into that. for now, the host file entry will do. and ill upgrade later when the fix is in current/stable |
15:08.49 | edong23 | file: thank you very much |
15:09.01 | file | slow DNS be bad yo |
15:09.12 | file | that being said - we're getting better at tolerating DNS in the newer stuff |
15:09.19 | file | but there's still cases where we can only do so much |
15:09.19 | edong23 | i might have been able to find that in the my googles if i could have worded it in some way. do you have the bug id? |
15:09.43 | file | https://issues.asterisk.org/jira/browse/ASTERISK-26280 |
15:09.51 | edong23 | file: i suspect an issue with my virtual environment storage. I am waiting for 20 SSDs right now to solve the intermittent storage speed. |
15:10.08 | edong23 | file: perfect, thank you. Ill keep an eye on this. |
15:12.33 | wyoung | file: a birdseye? as in a type of chili? |
15:13.10 | file | wyoung, O.o |
15:13.12 | edong23 | wyoung: a type of maple wood |
15:13.30 | wyoung | edong23: I thought maple wood wasa type |
15:14.47 | edong23 | it is. and birdseye maple is a pattern made by the grain that looks like crap but people build stuff out of it because they think it is pretty. but it really looks like acne |
15:15.06 | stefan27 | regarding the of matching INVITEs to sip.conf peer entries... if I receive an INVITE from ip X with From-header: <sip:A@B>;tag=as0c311c9c are only the values of X and A significant when matching to peers? domain B never matters? |
15:15.14 | edong23 | file: again, i appreciate it. i like knowing why something was happening. and this one had be hung up. |
15:15.28 | file | yup yup |
15:19.23 | wyoung | @file uses perl |
15:19.29 | file | negative |
15:22.27 | [TK]D-Fender | stefan27, peer matches the literal source IP, not the reported origin |
15:23.09 | stefan27 | and friend only the user-part of the From-header (A in my case)? |
15:24.50 | [TK]D-Fender | friend = user + peer |
15:25.04 | [TK]D-Fender | it'll try on both and the 1st it htinks can match it'll try to auth against |
15:25.31 | wyoung | file: but you have @ in the name |
15:25.39 | wyoung | file: so you must use perl |
15:25.51 | edong23 | ... |
15:26.01 | wyoung | edong23: hwy biud |
15:29.39 | stefan27 | allright |
15:31.42 | *** join/#asterisk jdcamacho92 (~jdcamacho@190.85.2.234) |
15:31.56 | jdcamacho92 | hello |
15:31.57 | *** join/#asterisk TriJetScud (~TriJetScu@van-app-svr.ad.v10networks.ca) |
15:31.57 | *** join/#asterisk nanoha-sama (~nanoha-sa@van-app-svr.ad.v10networks.ca) |
15:32.00 | jdcamacho92 | is anybody here? |
15:32.02 | wyoung | sup? |
15:32.09 | wyoung | jdcamacho92: I am somewhat here |
15:32.21 | jdcamacho92 | finally |
15:32.24 | jdcamacho92 | hello |
15:32.25 | wyoung | jdcamacho92: depending on your definition of here |
15:32.28 | file | Moo |
15:32.39 | wyoung | file: shut up and code in per |
15:32.40 | wyoung | l |
15:32.49 | jdcamacho92 | i was bored with awayers |
15:32.57 | jdcamacho92 | leavers and afks guys |
15:33.00 | wyoung | jdcamacho92: I knoew right |
15:34.14 | jdcamacho92 | ok, i have a question, is there any script or something like that to rotate caller id numbers? (similar to caller id spoofing). I need this to my trunk, they provided us 150 caller ids but idk how to rotate it. :S |
15:35.05 | *** join/#asterisk everestt (~bigyan@103.235.198.45) |
15:35.33 | jdcamacho92 | usually i use elastix, freepbx tribox.. if is there any module it would be great, but if there is not, im open to use a framework. |
15:36.17 | [TK]D-Fender | There is no magic framework. Setting a callerid is 1 line of dialplan |
15:36.26 | [TK]D-Fender | What logic you put behind the selction of that is up to you |
15:36.45 | [TK]D-Fender | And asking in here should imply that you understand * enouggh to understand that fact. Thus you'd just have to choose your method |
15:37.24 | [TK]D-Fender | There is no module for anything but a limited GUI for this./ It's too small a thing for it to be a ready-made plug--in thing of any kind for a DIY install |
15:37.33 | edong23 | jdcamacho92: if you are asking ^ |
15:37.37 | [TK]D-Fender | indeed |
15:37.47 | edong23 | he beat me to it.. but it is very simple to do |
15:37.56 | edong23 | im curious why you would need to rotate them in such a way |
15:38.11 | jdcamacho92 | ok, i just came here to ask it, i dont want to code it if it already exists |
15:38.17 | [TK]D-Fender | It doesn't |
15:38.21 | jdcamacho92 | thx for ur help :) |
15:38.33 | [TK]D-Fender | Not that it's HARD to do |
15:39.05 | edong23 | jdcamacho92: if it is a block of 150 callerids and they are consecutive, yuou could possibly use a built in rand function |
15:39.12 | [TK]D-Fender | Put them in numbered in into a DB, use AstDB value to track the last one used, increment, then take that record # |
15:39.12 | edong23 | for the say, last few digits |
15:39.37 | [TK]D-Fender | Or pumpt them al into astDB, or grep out using SHELL,, or.... XYZ |
15:39.40 | [TK]D-Fender | 100 different ways |
15:39.42 | *** join/#asterisk miralin (~Thunderbi@195.19.212.23) |
15:39.47 | jdcamacho92 | edong23: no, they are not random. they are established and allowed by Colombian government |
15:40.26 | jdcamacho92 | ok fender, that is what im talking about. |
15:55.24 | Haris | I'm stuck at making .pem for pvt key |
15:56.43 | Haris | its not picking simple pvt key |
15:58.00 | Haris | http://pastebin.ca/3703362 |
16:00.15 | *** join/#asterisk KNERD (~KNERD@2604:a880:1:20::9b:4001) |
16:03.04 | [TK]D-Fender | Haris, You've done nothing to prove your files are there, or in the right condition, nor are you showing the steps in their creation. You've showed nothing of value. |
16:03.30 | Haris | what files ? |
16:03.34 | *** join/#asterisk tuxd00d (~tuxd00d@ip68-106-11-24.ph.ph.cox.net) |
16:03.34 | Haris | ssl cert ? |
16:03.50 | Haris | or the .pem ones |
16:06.12 | [TK]D-Fender | ALL OF THEM |
16:06.34 | [TK]D-Fender | starting with the one it gives you a very clear message about |
16:09.47 | *** join/#asterisk mlhess (~mlhess@drupal.org/user/102818/view) |
16:09.52 | *** join/#asterisk posixninja (~posixninj@ec2-54-214-51-133.us-west-2.compute.amazonaws.com) |
16:11.51 | *** join/#asterisk nny (474656a2@gateway/web/cgi-irc/kiwiirc.com/ip.71.70.86.162) |
16:14.08 | *** join/#asterisk BakaKuna (~BakaKuna@145.129.205.133) |
16:14.39 | nny | Hi channel, quick question. I am working on project that will be pulling (somehow) data from a MongoDB based database. In the past we had a separate db in mysql, but it would get unwieldy and slow as the records hit high numbers (mysql limits). The source data is in MongoDB, and I found this github project using a Mongodb connector https://github.c |
16:14.39 | nny | om/FlaPer87/cdr_mongodb I am still reviewing it but just based on the premise and not that idea, is there other suggestions for this goal? Does ODBC support Mongodb? I am currently using the deprecated application |
16:14.52 | nny | I thought about querying an external script as well, but trying to avoid a mess |
16:15.27 | nny | deprecated application app_mysql* |
16:16.15 | Haris | I'v shown my http.conf |
16:16.17 | Haris | http://pastebin.ca/3703371 |
16:16.38 | Haris | my ssl cert and its key are valid. I did configure asterisk a few hours ago to listen to ws https port |
16:17.10 | Haris | everything is ok. problem starts when I haven't given it a .pem file where it expects one |
16:17.46 | Haris | I'v created normal text files for ssl cert, pvt key, ca bundle. I don't have a .pem |
16:18.08 | Haris | http://pastebin.ca/3703362 <--- my http.conf |
16:18.16 | Haris | what other files have I not shown ? |
16:18.24 | Haris | relevant ones please |
16:18.49 | Haris | I can't paste 113 asterisk config files. they aren't envolved for this case |
16:19.10 | [TK]D-Fender | Haris> everything is ok. problem starts when I haven't given it a .pem file where it expects one <- GIVE IT THE FILE IT IS ASKING FOR |
16:19.28 | [TK]D-Fender | [Aug 22 20:45:38] ERROR[4903] tcptls.c: TLS/SSL error loading private key file. </etc/asterisk/ssl/sipserver.finpay.pk.key> |
16:19.33 | [TK]D-Fender | ^^^^^^^^^^^^ |
16:19.39 | [TK]D-Fender | THATT MESSAGE MEANS WHAT IT SAYS |
16:20.08 | Haris | this file contains rsa pvt key. I'm not why asterisk is not loading it |
16:20.24 | Haris | the file exists on that path |
16:20.45 | [TK]D-Fender | it is bad |
16:20.55 | [TK]D-Fender | HOW you screwed it up is what you need to prove |
16:21.27 | edong23 | or maybe ownership |
16:21.33 | stefan27 | We have a sip friend C (dynamic host) and a sip peer D (static host) where parameter callerid is not set on either of them in sip.conf... When we receive SIP INVITES from C or D, we execute dialplan in which the value of CALLERID(num) seem to have been set to the value of the user in the From-header... but is this always the case or does the value of CALLERID(num) depend on other headers, |
16:21.33 | stefan27 | say RPID or P-Asserted-Identity headers... depending on settings? |
16:22.56 | stefan27 | From reading sip.conf and the documentation for function CALLERID all I could find was that if one sets callerid statically it overrides that |
16:23.05 | Haris | the md5 hash for the key and the csr match. is that good enough ? |
16:23.14 | Haris | this from openssl output |
16:23.59 | [TK]D-Fender | isn't wasting time on half-assed debugging attempts |
16:24.11 | Haris | what's the right way to do it ? |
16:24.30 | WIMPy | stefan27: It depends on trustrpid=. |
16:24.49 | Haris | let's see how much time I'll have to waste in proving that files are ok as they are |
16:25.19 | stefan27 | thanks Wimpy |
16:25.46 | TandyUK | Haris: can you load that pem on another system? |
16:25.49 | edong23 | Haris: the point is, there is a reason it isnt loading it. either the file is bunk, or the file cant be read by your asterisk user... |
16:25.56 | Haris | I don't have a .pem. I'm trying to create one manually |
16:25.59 | edong23 | or it isnt in that directory |
16:26.17 | TandyUK | so what is /etc/asterisk/ssl/sipserver.finpay.pk.key then? |
16:26.37 | Haris | its contains the normal rsa key used to generate the csr, against which I have the still valid ssl cert |
16:27.02 | edong23 | and that is what [TK]D-Fender is getting at. you have only showed the console output. not how you created the file, or a simple ls -lh on the directory /etc/asterisk/ssl/ |
16:27.05 | TandyUK | ok, well you need to use openssl to combine the key, crt and ny cabundle int oa .pem (PKCS9??) Key file |
16:27.28 | Haris | edong23: files are there. asterisk may not be able to read them. but file/folder ownership is asterisk:asterisk |
16:27.34 | Haris | for entire /etc/asterisk tree |
16:28.08 | edong23 | what is this pem file you defined in your http.conf? |
16:28.10 | Haris | edong23: contents of folder are in paste ---> http://pastebin.ca/3703371 |
16:28.17 | TandyUK | https://www.sslshopper.com/article-most-common-openssl-commands.html |
16:28.54 | edong23 | thought you didnt have a pem file? |
16:29.00 | Haris | TandyUK: I tried to do it. (1) cat pvt key in file1 (2) cat >> crt in file1 (3) cat >> ca bundle in file1 |
16:29.10 | Haris | that's the steps with which I tried to manually create this .pem file |
16:29.39 | Haris | created file1.pem, but asterisk doesn't like it |
16:29.48 | TandyUK | what? |
16:29.52 | Haris | created file1.pem in above mentioned way |
16:29.53 | TandyUK | use openssl to convert iy |
16:29.57 | Haris | hmm |
16:30.00 | TandyUK | you cant just cat it lol |
16:30.00 | Haris | ah ok |
16:30.03 | edong23 | lol |
16:30.07 | TandyUK | and LOL |
16:30.08 | TandyUK | https://www.sslshopper.com/ssl-converter.html |
16:30.23 | TandyUK | save the hassle of converting your ssl cert, BY GIVING THEM TO US! |
16:30.31 | edong23 | wow... |
16:30.32 | TandyUK | ffs dont do that ;) |
16:30.39 | edong23 | let me just upload this |
16:30.44 | edong23 | to some shady looking site |
16:31.12 | Haris | checking this site |
16:31.24 | edong23 | however, they do have the commands you need down there |
16:31.46 | edong23 | Haris: the first link TandyUK posted |
16:32.01 | Haris | https://www.sslshopper.com/article-most-common-openssl-commands.html <--- this one ? |
16:32.15 | TandyUK | tbf, on the second one and scroll down |
16:33.04 | edong23 | yeah, but justl.... stay off that site |
16:33.12 | edong23 | stick with that one Haris yes |
16:33.13 | TandyUK | dont be uploading shit though! |
16:33.17 | Haris | ok |
16:35.26 | Haris | http://stackoverflow.com/questions/4691699/how-to-convert-crt-to-pem <--- how about this |
16:37.46 | TandyUK | yup |
16:37.47 | TandyUK | Once you have the library installed, the command you need to issue is: |
16:37.48 | TandyUK | openssl x509 -in mycert.crt -out mycert.pem -outform PEM |
16:38.09 | TandyUK | now if it needs the key too, which im sure asterisk will tell you, |
16:38.21 | TandyUK | openssl x509 -in mycert.crt -inkey mykey.key -out mycert.pem -outform PEM |
16:39.23 | Haris | unknown option -inkey |
16:39.34 | Haris | on centos 6.8 |
16:40.31 | edong23 | maybe just -in |
16:40.51 | edong23 | could be -key |
16:40.54 | edong23 | this is what man is for |
16:41.02 | TandyUK | or -? ;) |
16:51.23 | nny | Anyone here used Mongodb and asterisk in some way? |
16:52.18 | Haris | working on it |
16:53.42 | Haris | ok. my .crt and .key files are already in PEM format |
16:54.09 | Haris | by configuring them "as is" in http.conf, asterisk -rx 'http show status' shows that asterisk is listening on 8089 port |
16:55.23 | *** join/#asterisk acidfu_ (~acidfoo@modemcable002.114-70-69.static.videotron.ca) |
16:55.28 | Haris | the files are not named .pem. they are individual cert, pvt key, ca bundle files, but they are in pem format |
16:55.58 | Haris | testing asterisk on ssl port with wscat |
16:58.02 | Haris | http://pastebin.ca/3703391 |
16:59.26 | Haris | what files can't it open ? |
17:00.08 | Haris | http://pastebin.ca/3703393 |
17:00.28 | Haris | u/g: asterisk owns all config files |
17:01.06 | Haris | non-ssl ws port connection is working ok with wscat |
17:01.12 | Haris | with ssl port, I'm getting this error |
17:01.19 | Haris | not sure if wscat can do ssl port |
17:01.23 | Haris | communication |
17:01.44 | Samot | What part of the TLS files being a .pem format is hard to understand? |
17:01.53 | Samot | Like they need to be named .pem as well. |
17:02.03 | Samot | Nothing lists a .pem in your SSL directory. |
17:03.43 | Haris | that I was trying to do |
17:04.34 | Samot | Then were are the .pem files you generated? |
17:05.44 | Haris | asterisk didn't like them. I removed them |
17:08.38 | Haris | retrying to generate again |
17:30.29 | *** join/#asterisk defsdoor (~andy@cpc8-sutt4-2-0-cust254.perr.cable.virginm.net) |
17:32.23 | *** join/#asterisk piling (~piling@unaffiliated/piling) |
17:35.41 | piling | hi everyone |
17:36.05 | *** join/#asterisk ghoti (~paul@hq.experiencepoint.com) |
17:36.07 | stefan27 | other than ${CUT(CUT(SIP_HEADER(from),@,1),:,2)} how do I get the value of the user portion of the SIP header From? |
17:36.42 | stefan27 | I have to parse it like that myself? |
18:07.54 | TandyUK | any idea how i stop my voip calls showing up as "07956...@voip.tandyuk.com" or "07956....@109.169.6.122" when using the voip client built into android? |
18:10.36 | _boot | hi all, does anyone know why Asterisk might refuse SRTP calls with a 488 Not acceptable here? I've got the phone set up with mandatory SRTP, and encryption=yes in sip.conf, and Asterisk can successfully call the phone... It's just the phone can't make outbound calls |
18:17.50 | *** join/#asterisk tuxd00d (~tuxd00d@ip68-106-11-24.ph.ph.cox.net) |
18:18.39 | *** join/#asterisk TriJetScud (znc@van-app-svr.ad.v10networks.ca) |
18:23.03 | *** join/#asterisk Guest78481 (gruetzkopf@captured-elf.dont-follow-me.eu) |
18:25.09 | *** join/#asterisk cresl1n (Adium@asterisk/libpri-and-libss7-expert/Cresl1n) |
18:25.09 | *** mode/#asterisk [+o cresl1n] by ChanServ |
18:30.49 | *** join/#asterisk hdon (~hdon@wsip-24-234-30-238.lv.lv.cox.net) |
18:31.19 | hdon | hi all :) why do people use ulaw? can't you achieve better voice quality at lower bandwidth with other codecs? |
18:40.35 | dadrc | because everybody uses ulaw |
18:48.55 | *** join/#asterisk matrix1233 (~matrix123@197.0.194.197) |
18:53.05 | ||cw | compatibility. saving the processing power in not transcoding is pretty valuable |
18:55.01 | *** join/#asterisk bkuhn (~bkuhn@fsf/director/conservancy.president.bkuhn) |
19:03.44 | Haris | what's the keyword for ca cert in tls config in http.conf ? |
19:03.50 | Haris | its not tlscafile |
19:03.57 | Haris | [Aug 23 00:03:12] WARNING[5438] http.c: Ignoring unknown option 'tlscafile' in http.conf |
19:04.31 | Haris | the error I'm getting is most probably related to ca cert not having been included in already present config |
19:05.30 | Haris | does it go in http.conf or sip.conf ? |
19:08.53 | hdon | ||cw, well i wouldn't recommend transcoding the same signal a bunch of times, but i mean, surely close to both ends of the call, you can afford one transcode. there must even be asics out there that make transcoding really cheap. |
19:09.47 | ||cw | hdon: you talk SIP providers into using something else and then you'll have a case. |
19:10.34 | hdon | Haris, i see nothing about it here http://www.voip-info.org/wiki/view/Asterisk+config+http.conf maybe you should put nginx in front of asterisk if you want encryption |
19:10.50 | hdon | ||cw, they all use ulaw? anyone using anything else? |
19:11.49 | ||cw | yes, and I'm sure some offer others too, in which case you can make that change |
19:12.05 | ||cw | my point is that it works best if it's the same end to end |
19:12.11 | hdon | Haris, also you don't need a certificate authority certificate, per se. to use ssl/tls on a server, you'll need one file with your private key, and ideally a second file with each certificate in your certificate chain, beginning with the certificate corresponding to your private key, and ending with your root certificate authority certificate |
19:12.25 | hdon | ||cw, hmm.. ok |
19:13.00 | Haris | ==> messages <== |
19:13.00 | Haris | [Aug 22 21:56:07] ERROR[5272] tcptls.c: Problem setting up ssl connection: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request |
19:13.00 | Haris | [Aug 22 21:56:07] WARNING[5272] tcptls.c: FILE * open failed! |
19:13.13 | Haris | I'm getting this when I login to https port with wscat |
19:13.32 | *** join/#asterisk cresl1n (Adium@asterisk/libpri-and-libss7-expert/Cresl1n) |
19:13.32 | *** mode/#asterisk [+o cresl1n] by ChanServ |
19:13.34 | Haris | asterisk restart doesn't show any tls related errors |
19:13.48 | Haris | I don't have tls configured in sip.conf. only in http.conf |
19:14.33 | hdon | Haris, well maybe this doc is out of date but i don't see anything about encryption here http://www.voip-info.org/wiki/view/Asterisk+config+http.conf |
19:15.18 | Haris | I googled this error. the first few result(s) was a forum on which it said something about a ca cert |
19:15.39 | Haris | http://forums.asterisk.org/viewtopic.php?f=14&t=91525 |
19:19.43 | hdon | Haris, i would use openssl(1) to test first before wscat |
19:21.04 | hdon | Haris, or curl to HTTP GET |
19:21.14 | Haris | checking |
19:21.36 | hdon | Haris, to establish websocket connection, first ssl/tls must be negotiated, then http request can be sent, then http can be upgraded to websocket |
19:22.01 | hdon | but i've never used wscat so idk how good it is to debug problems in the earlier stages |
19:22.34 | Haris | there's no other good tools, which exist or are .. relatively easier to use |
19:23.58 | hdon | Haris, openssl s_client -connect <host>:<port> # see "man s_client" for more options like -debug |
19:24.54 | Haris | Verify return code: 21 (unable to verify the first certificate) |
19:28.25 | Haris | http://pastebin.ca/3703465 |
19:28.50 | Haris | I need to convert my x509/pem cert into .pem cert |
19:28.55 | Haris | and the pvt key |
19:28.55 | Haris | don't know how to do that |
19:30.01 | Haris | either I haven't configured to ssl cert right or its demanding/missing the ca cert |
19:31.18 | Haris | to=the |
19:31.59 | Haris | when I give it the ca-bundle file as tlscerfile, it gives error about pvt key. which is puzzling |
19:33.44 | Haris | tlscertfile= |
19:35.31 | alfabit | Haris: have you tried concatenating all the keys together into one file and name it .pem? |
19:35.45 | Haris | there's just one pvt key |
19:35.53 | Haris | what all keys ? |
19:37.22 | alfabit | .key, .crt, intermediate.crt, root.crt |
19:37.58 | Haris | I have .key .crt .ca-bundle. three files. is there specific order I need to put them in ? |
19:38.20 | alfabit | the order i just posted |
19:38.27 | Haris | i tried with cat earlier |
19:38.32 | alfabit | then save the file as yourdomain.pem |
19:39.02 | alfabit | https://www.digicert.com/ssl-support/pem-ssl-creation.htm near the bottom |
19:45.11 | Haris | this helped |
19:45.25 | Haris | http://pastebin.ca/3703469 |
19:45.33 | Haris | looks like asterisk accepted this one |
19:46.15 | Haris | nope. same error with wscat |
19:46.17 | Haris | ==> messages <== |
19:46.17 | Haris | [Aug 23 00:45:53] ERROR[6003] tcptls.c: Problem setting up ssl connection: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request |
19:46.17 | Haris | [Aug 23 00:45:53] WARNING[6003] tcptls.c: FILE * open failed! |
19:47.26 | alfabit | that i'm not sure on. i knew about the pem from working with webrtc setup but not familiar with the tcptls seen here |
19:50.22 | KNERD | wow..been on this for hours. Seems OpenVPN is a lot easier (if the phone supports it) |
20:07.14 | *** join/#asterisk rwb (~Thunderbi@65-183-151-87-dhcp.burlingtontelecom.net) |
20:09.03 | *** join/#asterisk troyt (~troyt@2601:681:4600:7641:44dd:acff:fe85:9c8e) |
20:09.03 | _boot | i still cant understand why asterisk won't accept srtp-encrypted calls :( i've got sip logs where asterisk successfully calls out to a phone using srtp encryption (http://pastebin.com/MSucLzmq) and when it won't accept a call from the phone (http://pastebin.com/wtB9xfdE) - i don't see anything obvious, it looks like everything is going fine and it gets to 'Found audio description format telephone-event for |
20:09.09 | _boot | <PROTECTED> |
20:09.58 | rwb | Hi, Anybody know of a good solution for old pulse phone support? I'm looking to build a custom system to connect 12 - 16 old analog rotary phones internally (12 - 16 FXS ports that support pulse) Any ideas? maybe old used equipment? |
20:10.55 | *** join/#asterisk miralin (~Thunderbi@178.34.160.126) |
20:11.31 | _boot | can you get pulse->dtmf in-line converters? i was thinking of trying to make something like that a while back |
20:12.06 | rwb | that may be my only option, but I would rather not if I can. |
20:12.25 | TandyUK | wouldnt a better question be 'why?; |
20:12.34 | _boot | rotary phones with proper bell ringers are awesome |
20:12.49 | rwb | It's mostly an art installation as well. so vintage is the thing |
20:13.03 | TandyUK | i know you can get kits to replace the innards |
20:13.25 | *** join/#asterisk luckman212 (~luckman21@unaffiliated/luckman212) |
20:13.29 | TandyUK | so it becomes a moddern phone, in a vintage chassis |
20:13.56 | rwb | trying to avoid that if I can. Not sure I will be able to though. |
20:24.00 | *** join/#asterisk rwb (~Thunderbi@65-183-151-87-dhcp.burlingtontelecom.net) |
20:25.06 | *** join/#asterisk DivideBy0 (~DivideBy0@unaffiliated/divideby0x0) |
20:32.44 | *** join/#asterisk pchero (~pchero@109.70.54.56) |
20:46.19 | *** join/#asterisk u0m3 (~u0m3@5-12-136-175.residential.rdsnet.ro) |
21:04.29 | alfabit | rwb: channelbank? |
21:21.25 | *** join/#asterisk zopsi (~zopsi@2a01:4f8:201:94e5::2) |
21:26.07 | KNERD | rwb: yes, it's called a "switch board".. |
21:28.21 | KNERD | https://www.youtube.com/watch?v=nEy7Zb1Noj8 |
21:28.41 | *** join/#asterisk drathir (~kamiljk8@unaffiliated/drathir) |
21:29.06 | rwb | hehe. |
21:31.01 | rwb | Does anyone know if there even is such a thing as a 16+ FXS port pci card that can support pulse? |
21:32.11 | WIMPy | Use a big ATA, a channel bank or an old PBX. |
21:32.28 | KNERD | maybe some of these will http://www.sangoma.com/products/voip-analog-gateways/ |
21:33.38 | KNERD | http://www.sangoma.com/telephony-interface-cards/analog-voice-cards/ |
21:35.01 | KNERD | I have an a200, but no FXS interface on it ti test..only FXO |
21:35.37 | KNERD | oops..got that backwards |
21:39.48 | KNERD | rwb: this is intertestig https://wiki.voip.ms/article/Pulse_dial |
21:48.35 | *** join/#asterisk KaliLinuxGR (~alexandro@unaffiliated/kalilinuxgr) |
21:51.36 | *** join/#asterisk KaliLinuxGR (~alexandro@unaffiliated/kalilinuxgr) |
22:25.38 | *** join/#asterisk jetlag (~jetlag@pool-71-168-197-243.cmdnnj.east.verizon.net) |
23:11.45 | *** part/#asterisk kharwell (kharwell@nat/digium/x-adqianqzyugcnlha) |
23:14.34 | *** join/#asterisk bkuhn (~bkuhn@fsf/director/conservancy.president.bkuhn) |
23:17.41 | bkuhn | I have a sip client that's having some strange audio issues (a rather consistent breakup), but the problems do not appear when I see the message "Locally bridging <Channel> and <channel>" |
23:18.27 | bkuhn | I was wondering how to force that local bridging to occur every time this sip client connects. I tried various settings with directrtpsetup / directmedia to no avail. |
23:29.25 | *** join/#asterisk Ellenor (ellenor@unaffiliated/ellenor) |
23:30.13 | Ellenor | is there a number (name@domain sip id, that is) i can call if I'm super bored, that either has a person who answers calls from strangers at the other end or a conference call that's relatively active all through North America daytime? |
23:31.57 | *** join/#asterisk bhans (ddfd4592@gateway/web/freenode/ip.221.253.69.146) |
23:32.37 | *** join/#asterisk tuxd00d (~tuxd00d@ip68-106-11-24.ph.ph.cox.net) |
23:56.28 | *** join/#asterisk matrix1233 (~matrix123@197.0.194.197) |
23:59.49 | wyoung | bkuhn: are you transcoding at all? |