Enable TLS on Issabel 4

This site is best viewed in a modern browser with JavaScript enabled.

Enable TLS on Issabel 4

asd

Hello everyone,
I have two servers one is elastix 4 and the other is issabel 4 with asterisk 13
I had successfully enabled the TLS on the Elastix 4 and all client is working with TLS voice encrypted
but when i tried to do the same on issabel i didn't find the path for the "usr/share/doc/asterisk-11.20.0/contrib/scripts/" to run the script to create the certificate
Appreciate any help to find the right way to create the certificate and enable TLS on issabel 4 server
thanks in advanced for any help.

Alfio

Hi, this because your looking un asterisk 11 folder, change asterisk 11 folder ti asterisk 13.
usr/share/doc/asterisk-11.20.0/contrib/scripts

Change to asterisk 13 look in usr/share/doc/asterisk-13...

asd

Alfio
Dear thanks for the replay I tried that but there is no asterisk-13 under the doc/ there is only this path
/usr/share/doc/asterisk-perl-1.03
I couldn't find the contrib/scripts any where any ideas where i can find it !

asternic

Si quieres usar dicho script, simplemente descárgalo, ejemplo:

cd /usr/bin
wget --no-check-certificate https://raw.githubusercontent.com/asterisk/asterisk/master/contrib/scripts/ast_tls_cert
chmod a+x ast_tls_cert

Y lo tendrás en /usr/bin para utilizar...

Ahora bien, si activas un certificado real usando Letsencrypt, no hace falta que generes nada, pues ya te genera solito el /etc/asterisk/keys/asterisk.pem (si no recuerdo mal el nombre/ruta). Y ese es el que puedes usar en la configuración de TLS.

Saludos,

asd

asternic
Thanks very much for the useful information, really it did help me with the setup and works like charm
Appreciate if you can help me to use the Real Certificate on the Letsencrypt because I would like to use real certificate that I already have,

asternic

Hi,

First of all, you must have a registered domain and a hostname already configured in some DNS, so you must access Issabel GUI from domain and not ip address, like:

https://myissabel.domain.com

You then must verify that both port 80 and 443 are opened/not blocked or filtered in any firewall, if you have the filrewall enabled in issabel, be sure to alllow those ports, or disable the firewall when doing the letsencrypt certificate retrieval.

Go to Security - HTTPS Certificate

Fill the form, follow the steps listed, there are not hard at all. The system will acquiere the certificate from letsencrypt and finish after 30 or a bit more seconds. If it fails, it is because ports are blocked or your DNS is not setup well.

Once you get the certificate, depending on the issabel-security version, you already migth have the certificate created in /etc/asterisk/keys/asterisk.pem

If you do not have it becuase your issabel-security package is not updated, you can create it with one command:

for A in `grep '^SSLCert' /etc/httpd/conf.d/ssl.conf | grep -v chain | awk '{print $2}'`; do cat \$A >>/etc/asterisk/keys/asterisk.pem

Then you can refer to /ect/asterisk/keys/asterisk.pem whenever the cert file confg is requiered, there is no need to specify a private key because it is contained in the same cert.

Best regards,

asd

asternic
Thanks very much for the kind information
How to install the Letsencrypt module on Issabel 4 ?
I have it under the security put the page is empty, there is no option to chose from it,

asternic If you do not have it becuase your issabel-security package is not updated, you can create it with one command:

I used this command put there is nothing happened,

asd

asternic Go to Security - HTTPS Certificate

I couldn't find this part ! can you help me to active the Letsencrypt on Issabel !

asternic

Not sure what Issabel version you might have installed then. Lets encrypt was added since the first official Issabel release, so you must have it there. You either have an old beta, or who knows what. To get help you will need grant access to your server, and you will need to purchase professional support to do the proper server assesment and give you the solution or recommendations to solve your issues.

Best regards,

asd

asternic
Thanks for the replay dear,
I have installed the latest version of issabel from the official web site which is the "Issabel v.4 with asterisk v.13"
I have the Letsencrypt under the security but there is nothing inside it to be change or to add certificate
my question was: how can I use Letsencrypt to add my Real Certificate on it?

asternic

Hi,

If you do not see nothing is either because you are reaching your web via IP address (it is MANDATORY to reach it via hostname), or something like that. Hard to say.

Best reagrds,

asd

asternic
Thanks for your kind replay, You are totally right I was connecting to it by ip address, now I'm using the name of the server and I can see the page of Letsencrypt,
Thanks again for your support,
Best Regards,

mortezabarati

asd
Hi
I activated TLS on Issabel 4 with asterisk 16.
my extensions can register over TLS in local network but can't register over the Internet!
is there any point that I miss?!
Thank You in advanced