Federico, thanks
Did the changes in the file. It’s fixed.
Arik
> On 22 Dec 2019, at 19:28, Federico Cabiddu wrote:
>
> Hi Arik,
> I think that the problem is that you are using a configuration file for tls.
> In this case you have to specify there the parameters like ciphers, because
> the
Federico, Thank you
I added these lines to my config:
#!ifdef WITH_TLS
# - tls params -
modparam("tls","config","/usr/local/etc/kamailio/tls.cfg")
modparam("tls", "cipher_list", "HIGH")
modparam("tls", "tls_method", "TLSv1.2+")
#!endif
But it still doesn’t work.
I ran this test, but
com/>
From: sr-users On Behalf Of Arik Halperin
Sent: Tuesday, December 10, 2019 7:29 AM
To: sr-users@lists.kamailio.org
Cc: Tsur Arieli ; Yossi Shteingart
Subject: [SR-Users] Disabling weak SSL Cypher suites
Hello,
How can I disable:
TLS_RSA_WITH_RC4_128_SHA (0x5) INSEC
Hi,
for enabling a specific set of ciphers have a look at tls module's
cipher_list param:
http://www.kamailio.org/docs/modules/5.4.x/modules/tls.html#tls.p.cipher_list
.
For supporting specific versions of TLS look at tls_method param:
Hello,
How can I disable:
TLS_RSA_WITH_RC4_128_SHA (0x5) INSECURE128
TLS_RSA_WITH_RC4_128_MD5 (0x4) INSECURE128
What should I put in cypher_list in order to disable the above?
I would also like support TLS 1.2 and TLS 1.3, but remove support for 1.0 and
1.1
Thanks,
Arik
