{"id":945,"date":"2019-02-07T15:30:55","date_gmt":"2019-02-07T11:30:55","guid":{"rendered":"http:\/\/blog.5flor.ru\/?p=945"},"modified":"2019-02-07T15:32:19","modified_gmt":"2019-02-07T11:32:19","slug":"sips-on-asterisk-sip-security-with-tls","status":"publish","type":"post","link":"https:\/\/blog.5flor.ru\/?p=945","title":{"rendered":"SIPS on Asterisk \u2013 SIP security with TLS"},"content":{"rendered":"\n<p> <br>\u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u043a\u043b\u044e\u0447  openssl genrsa -des3 -out ca.key 4096<\/p>\n\n\n\n<p>\u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442   openssl req -new -x509 -days 365 -key ca.key -out ca.crt<\/p>\n\n\n\n<p>\u0421\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430<\/p>\n\n\n\n<p> openssl req -new -x509 -days 3650 -key ca.key -out ca.crt<\/p>\n\n\n\n<p> openssl genrsa -out key.pem 1024<br> openssl req -new -key key.pem -out pbx.5flor.ru.csr<br> openssl x509 -req -days 3650 -in pbx.5flor.ru.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out cert-pbx.5flor.ru.crt<br> cat key.pem > asterisk.pem<br> cat cert-pbx.5flor.ru.crt >> asterisk.pem<br> openssl verify -CAfile ca.crt asterisk.pem<br> \u0414\u043e\u043b\u0436\u043d\u043e \u0431\u044b\u0442\u044c OK<\/p>\n\n\n\n<p>\u043f\u0435\u0440\u0435\u0438\u043c\u0435\u043d\u0443\u044e\u0435\u043c \u0434\u043b\u044f vitalpbx <\/p>\n\n\n\n<p>mv asterisk.pem bundle.pem<br> mv ca.crt chain.pem<br> openssl s_client -connect 127.0.0.1:5061<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\">\u0422\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435<\/h3>\n\n\n\n<p>\u0425\u043e\u0440\u043e\u0448\u043e \u0431\u044b \u0435\u0449\u0435 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0438 \u0433\u043e\u043b\u043e\u0441 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u044b. \u042d\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f&nbsp;<em>tcpdump<\/em>&nbsp;<br><\/p>\n\n\n\n<p>\u0434\u043b\u044f \u0441\u0438\u0433\u043d\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">  tcpdump -nqt -s 0 -A -vvv -i eth0 port 5061<\/pre>\n\n\n\n<p>\u0433\u0434\u0435&nbsp;<em>eth0<\/em>&nbsp;\u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441.<\/p>\n\n\n\n<p>\u0414\u043b\u044f \u0433\u043e\u043b\u043e\u0441\u0430:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">  tcpdump -nqt -s 0 -A -vvv -i eth0 portrange 10000-20000<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>\u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u043a\u043b\u044e\u0447 openssl genrsa -des3 -out ca.key 4096 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 openssl req -new -x509 -days 365 -key ca.key -out ca.crt \u0421\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430 openssl req -new -x509 -days 3650 -key ca.key -out ca.crt openssl genrsa -out key.pem 1024 openssl req &hellip; <a href=\"https:\/\/blog.5flor.ru\/?p=945\">\u0427\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043b\u0435\u0435 <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22],"tags":[],"class_list":["post-945","post","type-post","status-publish","format-standard","hentry","category-asterisk"],"_links":{"self":[{"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=\/wp\/v2\/posts\/945"}],"collection":[{"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=945"}],"version-history":[{"count":0,"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=\/wp\/v2\/posts\/945\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=945"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=945"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.5flor.ru\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=945"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}