I’m running Hosted FreePBX 13 and trying to configure a TLS SIP Trunk so that the communications is encrypted all the way from my endpoints to my service provider. I am currently using 2Talk as my service provider. I have been in contact with 2Talk and they say they support connections over 5060 and 5061 (TLS). The problem is that I do not know how to configure FreePBX to connect using port 5061 for the trunk. (I have successful TLS connections to Sangoma phones.)
The error I get in the logs when I attempt a call on the trunk over port 5061 is:
[2017-09-28 16:15:22] VERBOSE tcptls.c: SSL certificate ok
[2017-09-28 16:15:22] ERROR tcptls.c: Certificate did not verify: unable to get local issuer certificate
While happening to get the exact settings I would need for 2Talk service would be ideal, recommendations from others who have accomplishment a TLS connection with their service provider may help shine some light on what needs to be done.
Thank you for the suggestions. Turning off the certificate check worked for being able to make outbound calls. Still trying to figure out why it’s not receiving inbound calls over tls.
Now it is giving me these messages in the log file:
[2017-09-29 09:12:32] VERBOSE[C-00000f49] pbx.c: – Executing [[email protected]:6] Log(“SIP/220.127.116.11-00000f5e”, "WARNING,“Rejecting unknown SIP connection from 18.104.22.168"”) in new stack
[2017-09-29 09:12:32] WARNING[C-00000f49] Ext. s: “Rejecting unknown SIP connection from 22.214.171.124”
These errors were occurring because of the Incoming setting insecure-invite instead of insecure-very I changed this setting and fixed the problem. -------
Hello, I’m trying to setup a TLS trunk to my FreePBX from a new VOIP Service Providers. Where should I put the Certificates path?
My setup is endpoint no encryption and Chan_Sip 5060.
My SIP Provider sent me the Intermediate certificate and the root and we are using TLS=5061.
Can you guide me to the right path?
Where should I put the Certificates and in what file should I add the configuration path?