<div dir="ltr">How did you format the cert? and in what files did you put them in? and are your permissions correct on those files?</div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jan 5, 2017 at 2:55 PM, ITwrx.org <span dir="ltr"><<a href="mailto:info@itwrx.org" target="_blank">info@itwrx.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">hi,<br>
<br>
i'm trying to use a letsencrypt generated cert with freeswitch but am<br>
not sure how to proceed. I've read the old and new wiki posts concerning<br>
tls but they don't seem to cover my exact scenario. It seems to me that<br>
freeswitch is looking into the configured "tls-cert-dir" for the<br>
hardcoded filename tls.pem and is expecting that a self generated ca has<br>
signed it. i have placed the fullchain.pem in that directory (generated<br>
with certbot) and have renamed it tls.pem but i guess it's not finding<br>
the CA sig it expects(?) as i'm getting:<br>
<br>
tport_tls.c:1044 tls_connect() tls_connect(0x373c000e8d0): TLS setup<br>
failed (error:00000005:lib(0):func(0)<wbr>:DH lib)<br>
<br>
when trying to connect with csipsimple from phone. I would like to avoid<br>
generating client certs signed by a custom CA where users have to copy<br>
the client cert and ca cert to their device as it adds complexity and<br>
problems. Is there a workaround or suggested method for using a<br>
letsencrypt cert with freeswitch so that clients like csipsimple can<br>
just validate against their built-in CA store?<br>
<br>
thanks in advance,<br>
ITwrx<br>
<br>
--<br>
Information Technology Works<br>
<a href="https://ITwrx.org" rel="noreferrer" target="_blank">https://ITwrx.org</a><br>
@ITwrxorg<br>
<br>
<br>
______________________________<wbr>______________________________<wbr>_____________<br>
Professional FreeSWITCH Consulting Services:<br>
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>
<a href="http://www.freeswitchsolutions.com" rel="noreferrer" target="_blank">http://www.<wbr>freeswitchsolutions.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
<a href="http://confluence.freeswitch.org" rel="noreferrer" target="_blank">http://confluence.freeswitch.<wbr>org</a><br>
<a href="http://www.cluecon.com" rel="noreferrer" target="_blank">http://www.cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.<wbr>freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/<wbr>mailman/listinfo/freeswitch-<wbr>users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.<wbr>freeswitch.org/mailman/<wbr>options/freeswitch-users</a><br>
<a href="http://www.freeswitch.org" rel="noreferrer" target="_blank">http://www.freeswitch.org</a><br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<p><font face="courier new, monospace"><b><i><font size="4">Brian West</font></i></b><br><span style="font-size:x-small"><a href="mailto:brian@freeswitch.org" target="_blank">brian@freeswitch.org</a></span></font></p>
<p><font size="1" face="courier new, monospace"><img src="http://billing.freeswitch.org/templates/default/img/whmcslogo.png"><br></font></p><p><font size="2" face="monospace, monospace"><b><i>Twitter: @FreeSWITCH , @briankwest</i></b><br><a href="http://www.freeswitchbook.com" target="_blank">http://www.freeswitchbook.com</a> <br><a href="http://www.freeswitchcookbook.com" target="_blank">http://www.freeswitchcookbook.com</a></font><font size="2" face="monospace, monospace"><br></font><a href="https://www.gofundme.com/freeswitch_ubuntu" style="font-size:12.8px" target="_blank"><font face="monospace, monospace">https://www.gofundme.com/freeswitch_ubuntu</font></a></p><p><font face="monospace, monospace">Got Bugs? Report them <a href="https://freeswitch.org/jira" target="_blank">here</a>! | Reddit: <a href="https://www.reddit.com/r/freeswitch" target="_blank">/r/freeswitch</a></font></p>
<p><font size="2" face="monospace, monospace"><b>T:</b>+19184209001 | <b>F:</b>+19184209002 | <b>M:</b>+1918424WEST (9378)<br><b>Skype:</b>briankwest</font></p></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div>