Skip to end of metadata
Go to start of metadata

 

Документ описывает процесс подключения бесплатного SSL сертификата полученного на сайте www.startssl.com

Документ не описывает процесс регистрации и получения сертификатов на сайте StartSSL.

Создание сертификатов

Для вашего домена (к примеру demo-srv.webitel.com) Вы должны получить файлы Private Key, Certificate и скачать Class 1 Intermediate Server CA.

  1. Переходим в директорию /opt/webitel/certs
  2. Копируем Private Key в файл /opt/webitel/certs/wss.key
  3. Копируем Certificate в файл /opt/webitel/certs/wss.crt
  4. Скачиваем Class 1 Intermediate Server CA: wget https://www.startssl.com/certs/sub.class1.server.ca.pem

Подключение сертификата к webitel

  1. Создаем pfx файл для webitel: 

    openssl pkcs12 -export -in wss.crt -inkey wss.key -out certificate.pfx -certfile sub.class1.server.ca.pem
  2. Подключаем certificate.pfx к webitel в конфигурационном файле: /opt/webitel/srv/Webitel.EventWebSocket.addin

    Webitel.EventWebSocket.addin
          <section name="config">
            <set type="setup" name="listen-ip" value="Any"/>
            <set type="setup" name="listen-port" value="6871"/>
            <set type="setup" name="max-connect-count" value="100"/>
            <set type="setup" name="max-request-length" value="100000"/>
            <set type="setup" name="json-format-indent" value="true"/>
    		<set type="setup" name="security" value="tls"/>
            <set type="setup" name="certificate" value="/opt/webitel/certs/certificate.pfx"/>
            <set type="setup" name="password" value="itsferapass1"/>
          </section>
  3. Перезапускаем службу webitel
  4. Проверяем, проходит ли наш сертификат проверку c помощью комманды:
openssl s_client -showcerts -connect demo-srv.webitel.com:6871

Должны получить похожий ответ:

CONNECTED(00000003)
depth=0 C = UA, CN = demo-srv.webitel.com, emailAddress = [email protected]
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = UA, CN = demo-srv.webitel.com, emailAddress = [email protected]
verify error:num=27:certificate not trusted
verify return:1
depth=0 C = UA, CN = demo-srv.webitel.com, emailAddress = [email protected]
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/C=UA/CN=demo-srv.webitel.com/[email protected]
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIDEyL6MA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwOTI1MTQwNTI4
WhcNMTUwOTI3MDcxNjQwWjBUMQswCQYDVQQGEwJVQTEdMBsGA1UEAxMUZGVtby1z
cnYud2ViaXRlbC5jb20xJjAkBgkqhkiG9w0BCQEWF2NodWNoa29AaXQtc2ZlcmEu
Y29tLnVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTVmgeZ3ocsZ
Ho817L2aDxldoOMNWy8XKp+8A4a+Gvu5ens1mtEm+Lyx7oYOAS9CQvCrqOFK0iOF
Z7jwKtKBKLxNOyB7PtZJbYQSoqTmmG1hxdLaiLv4GliPqFlsdny0nrJP4i+nA9sU
ZDMCLyj1ahLV3eGTGdpqbwDf4nkouYR+5QPspk5xTe8e62YHHqyeXQgypMmPyHRq
jZnofeYrbGoIilMIxbmla0a3YIn0Ksxc0xpJTpg0T+Jwlv0mm5n+YP/ZcCz25cz+
A5mUDG1J/u3izyRLbNOiywaHzhvJ5z8azJw3wm4H1w//jGQvlougVYPnX4jIrj45
JDglibmccwIDAQABo4IC5jCCAuIwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwEwYD
VR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFF8jDw/AEpywkYWmbPf5ljoLt4HX
MB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixFMCwGA1UdEQQlMCOCFGRl
bW8tc3J2LndlYml0ZWwuY29tggt3ZWJpdGVsLmNvbTCCAVYGA1UdIASCAU0wggFJ
MAgGBmeBDAECATCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYiaHR0
cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeow
JxYgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMg
Y2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDEg
VmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGlj
eSwgcmVsaWFuY2Ugb25seSBmb3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29t
cGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0f
BC4wLDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3Js
MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFy
dHNzbC5jb20vc3ViL2NsYXNzMS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6
Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNy
dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcN
AQELBQADggEBAJE2K2oFda4eZK7wkL2QsHpa3AQtaR1mBTIOsn5CiDOalfbGH14H
uNeuqSunchjCga+HcBxaI0bll8X3iq7ATCoDOM0GRSWePZoxaNdN4FunAei7A4mf
wSzjpPtFxZo8aqgN8xTN99KEHJpMxfPyvXuXVhzVlp7ibfryjwyF5RPKbRqP+HSE
kirF27bNzZ8Pe1AfW5LkmwM15oVb6pG+nASR32BkOaig3reZqWFsTUPsjA8Tp8GH
PUbIoZoIIyE1yHo2ztPSGbLRDkFJ5D+onK2okoIJ5OfU7Oc0YR4equHzvWkTYcyK
YW6X6TAOrA9C5ReGYKUTHKUn7nnfYZJynaQ=
-----END CERTIFICATE-----
---
Server certificate
subject=/C=UA/CN=demo-srv.webitel.com/[email protected]
issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 1740 bytes and written 589 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA
    Session-ID:
    Session-ID-ctx:
    Master-Key: 3819079D8181F4624ABB65F2CD0D6F6842F93AF4670DF63486297010B6C6AB72EC508DF591D23596A976E4C2C4FF98B9
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1411737613
    Timeout   : 300 (sec)
    Verify return code: 21 (unable to verify the first certificate)
---
read:errno=0

Подключение сертификата для WebRTC

  1. Создаем pem файл для FreeSWITCH:

    cat wss.crt wss.key sub.class1.server.ca.pem > wss.pem
    cp wss.pem dtls-srtp.pem
  2. Подключаем wss.pem к FreeSWITCH в конфигурационном файле: /opt/webitel/switch/conf/sip_profiles/internal.xml

    <param name="tls-cert-dir" value="/opt/webitel/certs"/>
    <param name="wss-binding" value=":7443"/>
  3. Перезапускаем FreeSWITCH
  4. Проверяем командой:

    openssl s_client -showcerts -connect demo-srv.webitel.com:7443

    Должны получить похожий ответ:

CONNECTED(00000003)
depth=2 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
verify return:1
depth=1 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Class 1 Primary Intermediate Server CA
verify return:1
depth=0 C = UA, CN = demo-srv.webitel.com, emailAddress = [email protected]
verify return:1
---
Certificate chain
 0 s:/C=UA/CN=demo-srv.webitel.com/[email protected]
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIDEyL6MA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0
YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3Mg
MSBQcmltYXJ5IEludGVybWVkaWF0ZSBTZXJ2ZXIgQ0EwHhcNMTQwOTI1MTQwNTI4
WhcNMTUwOTI3MDcxNjQwWjBUMQswCQYDVQQGEwJVQTEdMBsGA1UEAxMUZGVtby1z
cnYud2ViaXRlbC5jb20xJjAkBgkqhkiG9w0BCQEWF2NodWNoa29AaXQtc2ZlcmEu
Y29tLnVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTVmgeZ3ocsZ
Ho817L2aDxldoOMNWy8XKp+8A4a+Gvu5ens1mtEm+Lyx7oYOAS9CQvCrqOFK0iOF
Z7jwKtKBKLxNOyB7PtZJbYQSoqTmmG1hxdLaiLv4GliPqFlsdny0nrJP4i+nA9sU
ZDMCLyj1ahLV3eGTGdpqbwDf4nkouYR+5QPspk5xTe8e62YHHqyeXQgypMmPyHRq
jZnofeYrbGoIilMIxbmla0a3YIn0Ksxc0xpJTpg0T+Jwlv0mm5n+YP/ZcCz25cz+
A5mUDG1J/u3izyRLbNOiywaHzhvJ5z8azJw3wm4H1w//jGQvlougVYPnX4jIrj45
JDglibmccwIDAQABo4IC5jCCAuIwCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwEwYD
VR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFF8jDw/AEpywkYWmbPf5ljoLt4HX
MB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixFMCwGA1UdEQQlMCOCFGRl
bW8tc3J2LndlYml0ZWwuY29tggt3ZWJpdGVsLmNvbTCCAVYGA1UdIASCAU0wggFJ
MAgGBmeBDAECATCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCARYiaHR0
cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeow
JxYgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMg
Y2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzIDEg
VmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGlj
eSwgcmVsaWFuY2Ugb25seSBmb3IgdGhlIGludGVuZGVkIHB1cnBvc2UgaW4gY29t
cGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0f
BC4wLDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3Js
MIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUFBzABhi1odHRwOi8vb2NzcC5zdGFy
dHNzbC5jb20vc3ViL2NsYXNzMS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6
Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNy
dDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS8wDQYJKoZIhvcN
AQELBQADggEBAJE2K2oFda4eZK7wkL2QsHpa3AQtaR1mBTIOsn5CiDOalfbGH14H
uNeuqSunchjCga+HcBxaI0bll8X3iq7ATCoDOM0GRSWePZoxaNdN4FunAei7A4mf
wSzjpPtFxZo8aqgN8xTN99KEHJpMxfPyvXuXVhzVlp7ibfryjwyF5RPKbRqP+HSE
kirF27bNzZ8Pe1AfW5LkmwM15oVb6pG+nASR32BkOaig3reZqWFsTUPsjA8Tp8GH
PUbIoZoIIyE1yHo2ztPSGbLRDkFJ5D+onK2okoIJ5OfU7Oc0YR4equHzvWkTYcyK
YW6X6TAOrA9C5ReGYKUTHKUn7nnfYZJynaQ=
-----END CERTIFICATE-----
 1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
-----BEGIN CERTIFICATE-----
MIIGNDCCBBygAwIBAgIBGDANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
dGlvbiBBdXRob3JpdHkwHhcNMDcxMDI0MjA1NDE3WhcNMTcxMDI0MjA1NDE3WjCB
jDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsT
IlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0
YXJ0Q29tIENsYXNzIDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtonGrO8JUngHrJJj0PREGBiE
gFYfka7hh/oyULTTRwbw5gdfcA4Q9x3AzhA2NIVaD5Ksg8asWFI/ujjo/OenJOJA
pgh2wJJuniptTT9uYSAK21ne0n1jsz5G/vohURjXzTCm7QduO3CHtPn66+6CPAVv
kvek3AowHpNz/gfK11+AnSJYUq4G2ouHI2mw5CrY6oPSvfNx23BaKA+vWjhwRRI/
ME3NO68X5Q/LoKldSKqxYVDLNM08XMML6BDAjJvwAwNi/rJsPnIO7hxDKslIDlc5
xDEhyBDBLIf+VJVSH1I8MRKbf+fAoKVZ1eKPPvDVqOHXcDGpxLPPr21TLwb0pwID
AQABo4IBrTCCAakwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
VR0OBBYEFOtCNNCYsKuf9BtrCPfMZC7vDixFMB8GA1UdIwQYMBaAFE4L7xqkQFul
F2mHMMo0aEPQQa7yMGYGCCsGAQUFBwEBBFowWDAnBggrBgEFBQcwAYYbaHR0cDov
L29jc3Auc3RhcnRzc2wuY29tL2NhMC0GCCsGAQUFBzAChiFodHRwOi8vd3d3LnN0
YXJ0c3NsLmNvbS9zZnNjYS5jcnQwWwYDVR0fBFQwUjAnoCWgI4YhaHR0cDovL3d3
dy5zdGFydHNzbC5jb20vc2ZzY2EuY3JsMCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0
c3NsLmNvbS9zZnNjYS5jcmwwgYAGA1UdIAR5MHcwdQYLKwYBBAGBtTcBAgEwZjAu
BggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0
BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRl
LnBkZjANBgkqhkiG9w0BAQUFAAOCAgEAIQlJPqWIbuALi0jaMU2P91ZXouHTYlfp
tVbzhUV1O+VQHwSL5qBaPucAroXQ+/8gA2TLrQLhxpFy+KNN1t7ozD+hiqLjfDen
xk+PNdb01m4Ge90h2c9W/8swIkn+iQTzheWq8ecf6HWQTd35RvdCNPdFWAwRDYSw
xtpdPvkBnufh2lWVvnQce/xNFE+sflVHfXv0pQ1JHpXo9xLBzP92piVH0PN1Nb6X
t1gW66pceG/sUzCv6gRNzKkC4/C2BBL2MLERPZBOVmTX3DxDX3M570uvh+v2/miI
RHLq0gfGabDBoYvvF0nXYbFFSF87ICHpW7LM9NfpMfULFWE7epTj69m8f5SuauNi
YpaoZHy4h/OZMn6SolK+u/hlz8nyMPyLwcKmltdfieFcNID1j0cHL7SRv7Gifl9L
WtBbnySGBVFaaQNlQ0lxxeBvlDRr9hvYqbBMflPrj0jfyjO1SPo2ShpTpjMM0InN
SRXNiTE8kMBy12VLUjWKRhFEuT2OKGWmPnmeXAhEKa2wNREuIU640ucQPl2Eg7PD
wuTSxv0JS3QJ3fGz0xk+gA2iCxnwOOfFwq/iI9th4p1cbiCJSS4jarJiwUW0n6+L
p/EiO/h94pDQehn7Skzj0n1fSoMD7SfWI55rjbRZotnvbIIp3XUZPD9MEI3vu3Un
0q6Dp6jOW6c=
-----END CERTIFICATE-----
 2 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
-----BEGIN CERTIFICATE-----
MIIGNDCCBBygAwIBAgIBGDANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
dGlvbiBBdXRob3JpdHkwHhcNMDcxMDI0MjA1NDE3WhcNMTcxMDI0MjA1NDE3WjCB
jDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzApBgNVBAsT
IlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0
YXJ0Q29tIENsYXNzIDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtonGrO8JUngHrJJj0PREGBiE
gFYfka7hh/oyULTTRwbw5gdfcA4Q9x3AzhA2NIVaD5Ksg8asWFI/ujjo/OenJOJA
pgh2wJJuniptTT9uYSAK21ne0n1jsz5G/vohURjXzTCm7QduO3CHtPn66+6CPAVv
kvek3AowHpNz/gfK11+AnSJYUq4G2ouHI2mw5CrY6oPSvfNx23BaKA+vWjhwRRI/
ME3NO68X5Q/LoKldSKqxYVDLNM08XMML6BDAjJvwAwNi/rJsPnIO7hxDKslIDlc5
xDEhyBDBLIf+VJVSH1I8MRKbf+fAoKVZ1eKPPvDVqOHXcDGpxLPPr21TLwb0pwID
AQABo4IBrTCCAakwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
VR0OBBYEFOtCNNCYsKuf9BtrCPfMZC7vDixFMB8GA1UdIwQYMBaAFE4L7xqkQFul
F2mHMMo0aEPQQa7yMGYGCCsGAQUFBwEBBFowWDAnBggrBgEFBQcwAYYbaHR0cDov
L29jc3Auc3RhcnRzc2wuY29tL2NhMC0GCCsGAQUFBzAChiFodHRwOi8vd3d3LnN0
YXJ0c3NsLmNvbS9zZnNjYS5jcnQwWwYDVR0fBFQwUjAnoCWgI4YhaHR0cDovL3d3
dy5zdGFydHNzbC5jb20vc2ZzY2EuY3JsMCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0
c3NsLmNvbS9zZnNjYS5jcmwwgYAGA1UdIAR5MHcwdQYLKwYBBAGBtTcBAgEwZjAu
BggrBgEFBQcCARYiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjA0
BggrBgEFBQcCARYoaHR0cDovL3d3dy5zdGFydHNzbC5jb20vaW50ZXJtZWRpYXRl
LnBkZjANBgkqhkiG9w0BAQUFAAOCAgEAIQlJPqWIbuALi0jaMU2P91ZXouHTYlfp
tVbzhUV1O+VQHwSL5qBaPucAroXQ+/8gA2TLrQLhxpFy+KNN1t7ozD+hiqLjfDen
xk+PNdb01m4Ge90h2c9W/8swIkn+iQTzheWq8ecf6HWQTd35RvdCNPdFWAwRDYSw
xtpdPvkBnufh2lWVvnQce/xNFE+sflVHfXv0pQ1JHpXo9xLBzP92piVH0PN1Nb6X
t1gW66pceG/sUzCv6gRNzKkC4/C2BBL2MLERPZBOVmTX3DxDX3M570uvh+v2/miI
RHLq0gfGabDBoYvvF0nXYbFFSF87ICHpW7LM9NfpMfULFWE7epTj69m8f5SuauNi
YpaoZHy4h/OZMn6SolK+u/hlz8nyMPyLwcKmltdfieFcNID1j0cHL7SRv7Gifl9L
WtBbnySGBVFaaQNlQ0lxxeBvlDRr9hvYqbBMflPrj0jfyjO1SPo2ShpTpjMM0InN
SRXNiTE8kMBy12VLUjWKRhFEuT2OKGWmPnmeXAhEKa2wNREuIU640ucQPl2Eg7PD
wuTSxv0JS3QJ3fGz0xk+gA2iCxnwOOfFwq/iI9th4p1cbiCJSS4jarJiwUW0n6+L
p/EiO/h94pDQehn7Skzj0n1fSoMD7SfWI55rjbRZotnvbIIp3XUZPD9MEI3vu3Un
0q6Dp6jOW6c=
-----END CERTIFICATE-----
---
Server certificate
subject=/C=UA/CN=demo-srv.webitel.com/[email protected]
issuer=/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
---
No client certificate CA names sent
---
SSL handshake has read 5113 bytes and written 581 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : AES256-GCM-SHA384
    Session-ID: C8F6693AD88FA82ED2DE49B0667BC6E67D88715C5F3A7CE072D76AD29EFB1CB4
    Session-ID-ctx:
    Master-Key: C5D3AACDE2B690ADFF1FC20C529D2E225BDB7AC1381E5AF8A6C65CC7B67319C1F82C3816685E8EE73EDAE8155D72A33E
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 3f 5a f8 d5 39 eb 0f 1a-d9 79 f0 60 a4 6f 25 13   ?Z..9....y.`.o%.
    0010 - 64 d8 ac a9 de 32 af cf-e6 fe e5 05 99 86 46 5a   d....2........FZ
    0020 - e7 68 11 1d 50 d2 89 5f-ab e7 fe 3f ad 31 a9 62   .h..P.._...?.1.b
    0030 - 05 b5 4c 46 7e a6 4f c2-b1 e1 24 bd 5b 87 52 73   ..LF~.O...$.[.Rs
    0040 - ae 29 e3 dc 89 8a b3 53-32 56 eb 1a 84 8f 7a c9   .).....S2V....z.
    0050 - b9 5f ec 93 21 87 48 d7-d3 f3 6a cd 25 9a bb e7   ._..!.H...j.%...
    0060 - 0f c2 40 27 ea 28 0c a5-e7 7d 1b c4 ff cf 6c 7e   [email protected]'.(...}....l~
    0070 - 11 db 58 10 8d 5d ee 45-0f 04 29 f2 3f 78 1e 09   ..X..].E..).?x..
    0080 - c1 ea e5 bc e7 1b 30 b0-7b 4a 51 c3 3b 9a fe bb   ......0.{JQ.;...
    0090 - f4 c9 75 66 62 fe ad 78-8d d0 3d 76 4e 59 6c d4   ..ufb..x..=vNYl.
    Start Time: 1412057396
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---

 

Похожие статьи

1 Comment

  1. Иногда необходимо указывать путь к сертификатам через initd файл:

    /etc/init.d/freeswitch
    FREESWITCH_ARGS="-nc -g daemon -certs /opt/webitel/certs"