I was thinking of this for long, to keep notes of my different works on Asterisk and A2billing in different time.
Many different problem I'd faced and put them in various places, that quite difficult to find now.
So, now I thought to put them in together and keep updating everytime, I'm updating anything. Which means, this blog, is elastic.
1. Today I was installing asterisk CDR viewer, the simplest CDR viewer for asterisk, and faced a problem like -
my_load_module: Failed to connect to mysql database asteriskcdrdb on localhost.This problem is just placed in /etc/asterisk/cdr_mysql.conf
[global]
hostname=localhost
dbname=asteriskcdrdb
table=cdr
password=kikori2015
user=root
port=3306
;sock=/tmp/mysql.sock
You can see that sock is given wrong mysql.sock which ofcourse asterisk didn't found and produce above error.
Replace it with
sock=/var/lib/mysql/mysql.sock
Its up and running.
2. Configure https for A2billing web access, and enforce to use only https
Environment is - CentOS 6.5 (X86_64)
Asterisk Version - 11
Install openssl and mod_ssl
[root@asterisk11 ~]# yum install mod_ssl opensslGenerate CA key
[root@asterisk11 ~]# openssl genrsa -out ca.key 1024Request Certificate Signing Request from certificate authority. It will ask some information, like - location, country, common-name, organization name etc. Fill with appropriate information
Generating RSA private key, 1024 bit long modulus
......++++++
....................++++++
e is 65537 (0x10001)
[root@asterisk11 ~]# openssl req -new -key ca.key -out ca.csr
-----
Country Name (2 letter code) [XX]:DE
State or Province Name (full name) []:Schleswig-Holstein
Locality Name (eg, city) [Default City]:Neumuenster
Organization Name (eg, company) [Default Company Ltd]:Junkclearing Ltd.
Organizational Unit Name (eg, section) []: VoIP
Common Name (eg, your name or your server's hostname) []:junkvoip
Email Address []:info@junkvoip.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:abcd1234
An optional company name []:junk
Generate CA certificate.
[root@asterisk11 ~]# openssl x509 -req -days 1826 -in ca.csr -signkey ca.key -out ca.crt
Signature okCopy all files to tls directory.
subject=/C=DE/ST=Schleswig-Holstein/L=Neumuenster/O=Junkclearing Ltd./OU=VoIP/CN=junkvoip/emailAddress=info@junkvoip.com
[root@asterisk11 ~]# cp ca.crt /etc/pki/tls/certs/Disable SELINUX
[root@asterisk11 ~]# cp ca.key /etc/pki/tls/private/
[root@asterisk11 ~]# cp ca.csr /etc/pki/tls/private/
[root@asterisk11 ~]# setenforce 0
setenforce: SELinux is disabled
Change & restore pki directory and files but not file label
[root@asterisk11 ~]# restorecon -RvF /etc/pki/
Configure your newly created CERT and KEY at ssl.conf
[root@asterisk11 ~]# vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf
SSLCertificateFile /etc/pki/tls/certs/ca.crt
SSLCertificateKeyFile /etc/pki/tls/private/ca.key
Make change in httpd.conf
[root@asterisk11 ~]# vim /etc/httpd/conf/httpd.conf
AllowOverride All
Enforce https instead of http in DocumentRoot [i.e. /var/www/html ]
[root@asterisk11 html]# cat .htaccess
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
You are Ready.
No comments:
Post a Comment