[Freeswitch-users] TLS stops when a call is enabled

Brian West brian at freeswitch.com
Mon Sep 26 15:33:18 UTC 2022


This is a variable:
 <param name='rtp_secure_media' value='mandatory: AES_CM_128_HMAC_SHA1_80'/>

NOT A PARAM.

/b


On Mon, Sep 26, 2022 at 9:09 AM Aina Mestre <aina.mestre at airenetworks.es>
wrote:

> Good morning,
>
>
>
> I’m trying to configure SRTP with TLS on Freeswitch. I already have SRTP,
> and I can establish a conversation with TLS, but when I make a call, it
> says “encrypted alert” and the TLS conversation stops sending the INVITE in
> TCP. I have been looking for some solutions and it states that the problema
> may be that the certificate is not properly configured or that TLS is not
> properly configured. It is imposible that the certificate has any problems
> because I currently get TLS untill the call starts.
>
>
>
> Here it is the configuration on my profile:
>
>
>
>
>
>         <param name='rtp_secure_media' value='mandatory:
> AES_CM_128_HMAC_SHA1_80'/>
>
>         <param name='bind-params" value="tls"/>
>
>         <param name='tls-version' value='tlsv1'/>
>
>         <param name='register-transport' value='tls'/>
>
>         <param name="register" value="false"/>
>
>         <param name="transport" value="tls"/>
>
>         <param name="tls" value="$${internal_ssl_enable}"/>
>
>         <param name="tls-only" value="true"/>
>
>         <param name="tls-bind-params" value="transport=tls"/>
>
>         <param name="tls-sip-port" value="$${internal_tls_port}"/>
>
>         <param name="tls-cert-dir" value="/usr/local/freeswitch/conf"/>
>
>         <param name="tls-verify-date" value="true"/>
>
>         <param name="tls-verify-policy" value="none"/>
>
>         <param name="tls-version" value="$${sip_tls_version}"/>
>
>         <param name="tls-ciphers" value="$${sip_tls_ciphers}"/>
>
>         <param name="contact-params" value="tport=tls"/>
>
>         <param name="ws-binding" value="XX.XX.XX.XX:5061"/>
>
>
>
> Also, I would like to make another observation: when I configure the
> bridge has transport=TLS ( <action application="bridge"
> data="{${t38}}${mydialbridge};transport=tls"/>) in the dialplan, the debug
> says “TLS not supported by profile”
>
>
>
> Thank you for taking the time to deal with my queries
>
>
>
> Kind regards.
>
>
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
>


-- 

Brian West | Co-founder and Developer

Need Commercial support? email sales at freeswitch.com

FreeSWITCH Solutions | 17345 Civic Drive #2531 Brookfield, WI 53045
<https://maps.google.com/?q=17345+Civic+Drive+%232531+Brookfield,+WI+53045&entry=gmail&source=g>

Email: brian at freeswitch.com

Mobile: 918-424-9378

Website: https://www.FreeSWITCH.com <https://www.freeswitch.com/>

[image: https://www.facebook.com/signalwireinc?src=email]
<https://www.facebook.com/freeswitch> [image:
https://twitter.com/freeswitch] <https://twitter.com/freeswitch>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20220926/cfe456cb/attachment-0001.html>


More information about the FreeSWITCH-users mailing list