[Freeswitch-users] Freeswitch initiate outbound call using SIPs + SRTP error (SRTP unprotect )
Chhorm Chhatra
ch.chhatra at gmail.com
Mon Jul 9 07:20:42 UTC 2018
Hello,
Currently, I faced a problem regarding SRTP outbound call to user (Leg B).
The scenario is like this,
- We set up our own root CA to an IP address (e.g 192.168.0.13)
- We create a server certificate for freeswitch at 192.168.0.13
- Linphone is used as SIP client and is configured to trust our root CA
by default.
- Linphone A is configured to register to Freeswitch vis TLS + SRTP.
(One leg call to server has both SIPs and SRTP – completely secure)
- Linphone B is registered to Freeswitch via TLS + SRTP, and waiting for
Linphone A to call to.
(One leg call to server, e.g. 9196 (echo test), is completely secure with
SRTP + SIPs)
- Unfortunately, if A call to B, only A leg has SIPs + SRTP, but Leg B
is not encrypted with SRTP and SIPs at all. This causes *SRTP unprotect
failed with code 7 (auth check failed)**.*
+ Dialplan Configuration
<action application="set" data="rtp_secure_media=true"/>
<action application="export" data="rtp_secure_media=true"/>
The dial-string is <action application="bridge"
data="user/${dialed_extension}@${domain_name}"/>
+ Directory Configruation:
<param name="dial-string"
value="{rtp_secure_media=${regex(${sofia_contact(${dialed_user}@
${dialed_domain})}|transport=tls)},presence_id=${dialed_user}@
${dialed_domain}}${sofia_contact(${dialed_user}@${dialed_domain})}" />
My question is that, is there any configuration left that I have to set up
in order to let freeswitch initiate an outbound call to Leg B correctly
with SRTP and SIPs (tls)?
Any help would be really appreciated.
Thank you so much.
Best Regard,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180709/13c7eee3/attachment.html>
More information about the FreeSWITCH-users
mailing list