Pjsip and multiple tls version support

Hi all,

We have a mix of SNOM and Yealink phones. The SNOM phones only support SSLV2.3 while the Yealinks support TLSV1. If I set the “SSL Method” to either one, on under Sip Settings, the other will not work. Is it possible to support more than one SSL/TLS version per SIP connection? Much like apache or nginx?

Am I just doing something wrong?


You’re better of not using TLS or updating the phones to firmware (if possible) that support the current TLS versions. SSLv2/3 is dead. TLSv1 is dead. This will require you to run versions of OpenSSL that build out with that support, which the current ones don’t (SSLv2/3 that is) you have to compile them with that support in recent versions.

Staying with outdated phones and wanting TLS support for them will leave your system open to vulnerabilities in those versions that aren’t being fixed and are well known. It is not the best security move to make.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.