488 Not Acceptable here on TLS + SRTP with multiple softphones


We’re running Asterisk 16.12.0 (ignore the logs, we’ve since upgraded) on FreePBX and we’re getting 488 Not Acceptable here with SRTP specifically on PJSIP.

Switching off SRTP or making it optional works fine, TLS still works at the signalling level but SRTP is a no-go on PJSIP.

FYI - Switching to Chan_SIP with the same codecs, and it works perfectly with SRTP.

We’ve tried using MicroSIP 3.20.0 and Jitsi 2.10.5550, both with the same results.

I’ve seen this mentioned by others several years ago e.g. in https://community.asterisk.org/t/asterisk-twilio-sip-tls-getting-488-not-acceptable-here/72028/16 but no workaround or solution was mentioned besides disabling SRTP altogether.

Pastebin for MicroSIP debug session.

Is it enabled in your extension settings?

Yes. It’s enabled.

Having said that, I was about to post my endpoint configuration when a line caught my eye -


Now, interestingly enough under Media Encryption, I never selected “DTLS-SRTP (not recommended)”.

Going back to FreePBX, I noticed that under DTLS, “Enable DTLS” was set to Yes. After switching this to No, i was able to make calls using SDES.

I created a new extension and noticed that upon creation, Enable DTLS is set to No. However after enabling Media Encryption(SRTP via in-SDP (recommended)), Enable DTLS is automatically set to Yes.

So, issue solved, however regarding the DTLS auto-enabling itself - i’m not sure if that’s intended behavior - if so could someone explain why?


It sounds like a bug. Submit it at issues.freepbx.org.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.