Hello.
I’m having trouble with setting up TLS over chan-sip. I’m using a sip-trunk where I have got the authentication to work over TLS, but voice is still sent as plain.
This is with following settings in Asterisk SIP-settings/chan-sip settings:
Enable TLS = Yes
Certificate manager = “Select a certificate” (I have not selected any certificate)
SSL Method = tlsv1
Don’t verify server = Yes
And my SIP-trunk settings are:
Outgoing:
type=peer
transport=tls
outboundproxy:5065=[proxy-server address],force
host=[SIP-server address]
fromuser=+12345678890
fromdomain=[domain name]
username=[myusername]
secret=[mypassword]
dtmfmode=auto
insecure=port,invite
qualify=yes
canreinvite=no
context=from-trunk
And for incoming:
USER context:
+1234567890
Register string:
tls://+1234567890@[domain]:mypassword:myusername@[SIP-server address]/1234567890
(I have replaced my credentials and server addresses)
The problem is that when I select a certificate in the Asterisk SIP-settings/chan-sip settings, I start to get following error in the Asterisk console:
[2019-01-30 14:18:32] ERROR[24949]: tcptls.c:727 handle_tcptls_connection: Problem setting up ssl connection: error:00000001:lib(0):func(0):reason(1), Internal SSL error
[2019-01-30 14:18:32] WARNING[24949]: tcptls.c:814 handle_tcptls_connection: FILE * open failed!
And it causes the SIP-trunk to not register at all, it tries but with error:
chan_sip.c:15907 sip_reg_timeout: – Registration for ‘+1234567890@[SIP-server address]’ timed out, trying again