I’m trying to connect to Siptrunk.com using TLS, and my PBX (Asterisk/FreePBX) successfully registers the trunk. However, the connection closes after about 30 seconds with this error in the Asterisk logs:
WARNING[304484] pjproject: SSL 6 [SSL_ERROR_ZERO_RETURN] (Read) ret: 0 len: 65535
At the same time, Wireshark packet captures show an “Encrypted Alert” sent by siptrunk.com, followed immediately by FIN, ACK, which suggests the remote server is closing the connection. However, I’m not 100% sure if I’m interpreting this correctly.
What I’ve Tried So Far:
- Keep-Alive Interval:
- I originally suspected a firewall issue closing the state, so I set TLS Keep-Alive to 10 seconds.
- However, if I increase the keep-alive interval, the connection stays open longer before getting the “Encrypted Alert”.
- This suggests it’s not a firewall issue but something TLS-related.
- Certificates & CA Trust:
- Siptrunk.com provided me with a “TLS certificate,” which appears to be a Comodo root certificate.
- This root cert is already installed in my system’s CA-Certificates bundle, so I don’t think this is a trust issue.
- TLS Certificates on My PBX:
- I have a Let’s Encrypt (LE) certificate installed on port 5061 for my phones/clients connecting via TLS.
- My understanding is that this should not affect my SIP trunk’s TLS connection, but could there be a conflict?
My Questions:
- Does the “Encrypted Alert” from Siptrunk.com indicate a TLS-related issue on their end, or is my PBX misconfigured?
- Could my PBX’s Let’s Encrypt certificate affect the SIP trunk TLS handshake?
- Has anyone successfully registered a SIP trunk with Siptrunk.com over TLS, and did you need to modify any special settings?
- Are there any additional TLS debugging steps I should take in Asterisk to diagnose the issue?
Any insights would be greatly appreciated!