[Freeswitch-users] sips, tls, srtp, etc

[Bzzz]

FS latest
FusionPBX
=====================

Hi list,

I read a lot from the wiki, but I'm a bit lost about securing calls.

From what I read elsewhere, ssl+srtp seems to be the best
solution, however the wiki only talks about tls+srtp.

I modified conf/vars.xml as of the wiki & enabled xxx_ssl_enable,
but put 'sslv23' instead of 'tls'; I also modified
conf/directory/default.xml (from 'tls' to 'sslv23') as:
<param name="dial-string" value="{sip_secure_media=${regex(${sofia_contact(${dialed_user}@${dialed_domain})}|transport=sslv23)},presence_id=${dialed_user}@${dialed_domain}}${sofia_contact(${dialed_user}@${dialed_domain})}" />
is this right & sufficient?

If not, what do I miss or what would be the best solution to make
sure all calls will be secured both signaling & conversations?

At this time, I make tests with the jitsi softphone (ex
sip-commu‭nicator) which seems to use SRTP once the SAS has been
accepted from each side: that's what wireshark shows, but it also
show that SIP is use instead of SIPS, is it because I move 'tls' to 
'sslv23'?

JY
--