[asterisk-bugs] [JIRA] (ASTERISK-22961) DTLS-SRTP not working with SHA-256
Jay Jideliov (JIRA)
noreply at issues.asterisk.org
Tue Dec 10 16:41:03 CST 2013
Jay Jideliov created ASTERISK-22961:
---------------------------------------
Summary: DTLS-SRTP not working with SHA-256
Key: ASTERISK-22961
URL: https://issues.asterisk.org/jira/browse/ASTERISK-22961
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Channels/chan_sip/SRTP, Channels/chan_sip/WebSocket
Affects Versions: 12.0.0-beta2, 11.6.0
Reporter: Jay Jideliov
Recently it became possible to use websocket on asterisk without a proxy previously necessary to make calls from the web browser. Although partial support has been added, full browser cross-operability has not been achieved yet. However, it seems to be a relatively easy task.
Tested on Chrome+SIPML5+Asterisk 11, the connection can be established and works fine. However, due to the fact that Firefox sends SHA-256 packets which are not supported by asterisk, hence the support for this browser is limited by this issue.
Step 1: Adding certificates to support DTLS
dtlsenable = yes
dtlsverify = no
dtlscertfile=/etc/asterisk/keys/softphone.pem
dtlsprivatekey=/etc/asterisk/keys/key.pem
dtlscafile=/etc/asterisk/keys/key.pem
Step 2: Making a call
[Nov 25 15:05:50] WARNING[5628][C-0000005c]: chan_sip.c:11034 process_sdp_a_dtls: Unsupported fingerprint hash type 'sha-2' received on dialog '38f43a1f-15cd-ad69-c2b3-72c21b9de5fd'
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list