Are there any plans to update FreePBX 13 or 14 to support TLS v1.1 or higher? It seems the majority of the web is on v1.2 and headed to v1.3?
This seems like an “if you build it they will come…” kind of scenario where either the PBX developers or the endpoint developers have to make the first step in adding this increased security before the other party will.
Also, stronger cipher support would be appreciated too. I currently have a number of softphones that suport stronger ciphers but I receive the following error messages in my FreePBX logfile when this setting is on the endpoints.
[2016-08-11 16:54:34] WARNING[28609][C-0000001b] sdp_srtp.c: Unsupported crypto suite: AES_256_CM_HMAC_SHA1_80
[2016-08-11 16:54:34] WARNING[28609][C-0000001b] sdp_srtp.c: Unsupported crypto suite: AES_256_CM_HMAC_SHA1_32
[2016-08-11 16:54:34] WARNING[28609][C-0000001b] sdp_srtp.c: Unsupported crypto suite: AES_192_CM_HMAC_SHA1_80
[2016-08-11 16:54:34] WARNING[28609][C-0000001b] sdp_srtp.c: Unsupported crypto suite: AES_192_CM_HMAC_SHA1_32
Thanks.