Once i got below error when audio start playing to my browser client in chrome.
ERROR[C-0000000c]: res_rtp_asterisk.c:2042 __rtp_recvfrom: DTLS failure occurred on RTP instance '0x7f547c013c68' due to reason 'sslv3 alert handshake failure', terminating WARNING[C-0000000c]: res_rtp_asterisk.c:3911 ast_rtcp_read: RTCP Read error: Unspecified. Hanging up. WARNING[C-0000000c]: app_playback.c:493 playback_exec: Playback failed on SIP/104600-00000007 for /var/www/html/fetch_prompt
I had googled and found many related and unrelated solutions. Finally i found that it was with openssl. Only solution is to update openssl. So i tried to update openssl from source as in this link. But even though "openssl version" command show updated version number, asterisk was still using previous openssl version.
So i updated openssl in ubuntu 14 using below commands
# echo 'deb http://us.archive.ubuntu.com/ubuntu/ xenial main restricted universe multiverse' > /etc/apt/sources.list.d/xenial.list # aptitude update # aptitude install -y openssl libssl-dev # rm /etc/apt/sources.list.d/xenial.list # aptitude update
After executing above commands, try below commands and check if openssl is updated or not
# ldd /usr/sbin/asterisk | grep libssl libssl.so.1.0.0 => /lib/x86_64-linux-gnu/libssl.so.1.0.0 (0x00007f33ce117000) # strings /lib/x86_64-linux-gnu/libssl.so.1.0.0 | grep 1.0.2 OPENSSL_1.0.2 OPENSSL_1.0.2g SSLv3 part of OpenSSL 1.0.2g-fips 1 Mar 2016 TLSv1 part of OpenSSL 1.0.2g-fips 1 Mar 2016 DTLSv1 part of OpenSSL 1.0.2g-fips 1 Mar 2016 OpenSSL 1.0.2g-fips 1 Mar 2016 # openssl version OpenSSL 1.0.2g-fips 1 Mar 2016
If openssl is updated, please recreate asterisk keys by deleting older ones
# rm /etc/asterisk/keys/* # cd /usr/src/astersik*/contrb/scripts # sudo ./ast_tls_cert -C pbx.mycompany.com -O "My Super Company" -d /etc/asterisk/keys # asterisk -rx "reload"
N.B : You should reload asterisk after changing keys