[asterisk-users] solved: PJSIP and Grandstream Wave with TSL and SRTP
hw
hw at gc-24.de
Wed Jan 29 12:41:56 CST 2020
Hi,
I've got it to work with the following transport:
[transport-tls]
type=transport
protocol=tls
bind=0.0.0.0:5061
ca_list_file=/etc/pki/tls/certs/ca-bundle.crt
cert_file=/etc/asterisk/cert/newc/himinbjorg.adminart.net.pem
priv_key_file=/etc/asterisk/cert/newc/himinbjorg.adminart.net.key.pem
This is using a self-signed certificate. Note that I omitted 'method='.
On Wednesday, January 22, 2020 3:18:23 AM CET hw wrote:
> Hi,
>
> after switching from chan_sip to chan_pjsip, a device running Grandstream
> Wave leads to the following error message on the asterisk console:
>
>
> SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <336109761> <SSL routines-
> ssl3_get_client_hello-no shared cipher> len: 0 peer: 10.10.20.29:43357
>
>
> Something with the encryption must have changed with asterisk. How can I
> get the device to register again?
>
>
> [transport-tls]
> type = transport
> protocol = tls
> bind = 0.0.0.0:5061
> tos = cs5
> cert_file = /etc/asterisk/cert/asterisk.pem
> ca_list_file = /etc/pki/tls/certs/ca-bundle.crt
> method = sslv23
>
>
> 'method = tlsv1' doesn't work, either.
More information about the asterisk-users
mailing list