Summary:ASTERISK-16959: [regression] sslbindport/tlsbindport in http.conf not working
Reporter:Olaf Holthausen (oholthau)Labels:
Date Opened:2010-11-15 07:45:55.000-0600Date Closed:2012-02-02 11:05:01.000-0600
Versions:Frequency of
Description:Dear Sirs,

there should be a parameter sslbindport or tlsbindport to set the listening port for the https AMI interface.
The port setting seems to disappear on Revision 190940 while transfering the setting from http.c to tcptls.c.

Best regards
Comments:By: Leonardo Cardozo Vargas (lcvleo) 2010-11-17 10:05:38.000-0600

The same problem happens at manager.conf
If you enable tlsbindport parameter at manager.conf or http.conf, you can see an error message at logs telling us that this parameter is unknow.

By: Andrew Latham (lathama) 2010-11-17 17:07:24.000-0600

I am trouble shooting this at the moment.  I am having success with tlsbindaddr= in http.conf

Manager is binding to

By: Andrew Latham (lathama) 2010-11-17 17:13:47.000-0600

Just tested manager.conf

enabled = yes
webenabled = yes
port = 5038
bindaddr =

CLI> manager show settings

Global Settings:
 Manager (AMI):             Yes            
 Web Manager (AMI/HTTP):    Yes            
 TCP Bindaddress: 
 HTTP Timeout (minutes):    60            
 TLS Enable:                Yes            
 TLS Bindaddress: 
 TLS Certfile:              /etc/asterisk/a
 TLS Privatekey:            /etc/asterisk/a
 TLS Cipher:                              
 Allow multiple login:      Yes            
 Display connects:          Yes            
 Timestamp events:          Yes            
 Channel vars:                            
 Debug:                     No            
 Block sockets:             No    

You will also note that the output of the cert files is cut off... that is in the manager...

Asterisk SVN-branch-1.8-r295078

By: Leonardo Cardozo Vargas (lcvleo) 2010-11-18 04:34:04.000-0600

[Nov 18 08:30:12] NOTICE[10881] manager.c: Invalid keyword <tlsbindport> = <5039> in manager.conf [general]

Asterisk SVN-branch-1.8-r295361

By: Paul Belanger (pabelanger) 2010-11-18 08:38:24.000-0600

I've seen this locally too

By: Andrew Latham (lathama) 2010-11-18 08:48:26.000-0600

I did a quick look and tested many formats.  When reloading twice the configurations would be saved differently than when reloading once.  The tlsbindaddr needs the port appended in http.conf but is appears to be hard coded in manager

By: Andrew Latham (lathama) 2010-12-06 14:30:24.000-0600

From what I have seen in the code.  The settings should be standardized across all protocols.  I imagine that the configurations for IAX2 are the most advanced/correct.