I’m trying to set up TLS encryption on my SIP server running RasPBX (Asterisk 16 & FreePBX 15). Unfortunately there’s not too much information online about a complete workflow on how this should be done. So far I did the following
- Created a Let’s encrypt certificate
- SIP Settings > General SIP Settings > Security Settings > Default TLS Port Assignment > pjsip
- SIP Settings > SIP Settings [chan_pjsip] > TLS/SSL/SRTP Settings
- Certificate Manager: mycert
- SSL Method: tls1_2
- Verify client: yes
- Verify server: yes
- TLS: tls - 0.0.0.0 - All - Yes
- Extension: myextension > Advanced > Edit extension
- Transport: 0.0.0.0-tls
- Media encryption: SRTP via in-SDP
- Allow Non-Encrypted Media (Opportunistic SRTP): No
Ports 5060, 5061 are forwarded and my non encrypted extensions are working ok over UDP.
For the encrypted extension it throws Registration Failed error.
Has anybody used Zoiper in this configuration?