[asterisk-users] unsolved: Re: solved: how to create a working certificate for using TLS?

[hwilmer]

On 7/7/19 11:55 AM, Michael Maier wrote:
> On 06.07.19 at 22:16 hwilmer wrote:
>> Is there an advantage to using pjsip?  What's needed for easybell with pjsip?
> 
> For easybell, I don't know of any advantage. But that's not very reliable, because I'm using easybell for dedicated requirements only. I'm considering chan_sip legacy. I wouldn't build any new installation on chan_sip (if there are no technical
> contradictions).
> 
> Easybell does have a pretty fine documentation for FreePBX and pjsip:
> https://www.easybell.de/nc/hilfe/ergebnis/freepbx-130124-mit-asterisk-13.html

That's not for asterisk, and most documentations for asterisk are not for
pjsip.

> [why encryption?]
> 
>> I consider it a requirement for when employees end up using their mobile phones over foreign wireless networks, which is something that would be virtually impossible to prevent should the asterisk server be made reachable from the outside.
> 
> That's true. But don't forget to encrypt RTP at this point! This must be done additionally.
> BTW: easybell doesn't support full RTP encryption. It's supported for outgoing calls only (https://en.easybell.de/nc/help/questions/questions-concerning-the-telephone-connection/answer/does-easybell-support-the-data-encryption-srtp-for-voip.html).

They also say that encryption is possible:
https://en.easybell.de/nc/help/questions/questions-concerning-the-telephone-connection/answer/can-i-encrypt-the-telephony.html

I'll have to see what their support says about this.

> 
> That's an example for an inbound call - there isn't any support for RTP encryption:
[...]

That would really suck.  It is not acceptable that phone calls over the internet
shouldn't be encrypted.

> [...]