[asterisk-users] PJSIP and Grandstream Wave with TSL and SRTP
hw
hw at gc-24.de
Thu Jan 23 17:04:50 CST 2020
On Thursday, January 23, 2020 11:31:46 PM CET Sean Bright wrote:
> On 1/21/2020 9:18 PM, hw wrote:
> > [transport-tls]
> > type = transport
> > protocol = tls
> > bind = 0.0.0.0:5061
> > tos = cs5
> > cert_file = /etc/asterisk/cert/asterisk.pem
> > ca_list_file = /etc/pki/tls/certs/ca-bundle.crt
> > method = sslv23
>
> This is what mine looks like which works just fine:
>
> [transport-tls]
> type = transport
> protocol = tls
> method = tlsv1_2
> cipher =
> ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128
> -GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-
> AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256
> cert_file = /etc/letsencrypt/live/specialdomain.com/fullchain.pem
> priv_key_file = /etc/letsencrypt/live/specialdomain.com/privkey.pem
Thanks, it still says
SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <336109761> <SSL routines-
ssl3_get_client_hello-no shared cipher> len: 0 peer: 10.10.20.29:54937
Why does it even say ssl3 despite tlsv1_2 is set?
Is there a way to see which cipher(s) a client is trying to use?
More information about the asterisk-users
mailing list