Didn't activate TLS v1 or didn't activate TLS at all? Do you have anything
like the following in your configuration?
enable_tls = yes
loadmodule "tls"
modparam( "tls", "config", "/etc/kamailio/tls.cfg" )
On Thu, 4 Apr 2024 at 21:27, Omar Atef via sr-users <
sr-users@lists
Check how libssl3 is configured in /etc/ssl/openssl.cnf.
You may need:
[system_default_sect]
MinProtocol = TLSv1.0
CipherString = ALL@SECLEVEL=0
From:
https://serverfault.com/questions/1143995/tls-1-0-broken-with-newer-debian-openssl
Regards
Richard
__
SIPTRACE module and SNGREP for TLS Capture:
https://www.voztovoice.org/?q=node/3020
Spanish
---
I'm SoCIaL, MayBe
El 4/04/2024 a las 3:12 a. m., Omar Atef via sr-users escribió:
Well, I've tried all versions lower than "TLSv1.2" and it didn't work just
Kamailio running fine without activatin
Well, I've tried all versions lower than "TLSv1.2" and it didn't work just
Kamailio running fine without activating TLS.
Also I wonder if there's a way to bug TLS SIP messages throw Kamailio itself
because as you know it doesn't appear in "sngrep".
Thanks,
__
Kamailio can run TLS V1.
It's insecure, but you can use:
Sets the TLS protocol method. Possible values are:
-
*TLSv1.3+* - TLSv1.3 or newer (TLSv1.3, ...) connections are accepted
(available starting with openssl/libssl v1.1.1)
-
*TLSv1.3* - only TLSv1.3 connections are accepted
