HI Callum,
Currently I stuck with PEM certificates because my configuration is for
testing only (not productive). One last thing to check with you, I am
unable to use 1_2 version in my opensips. Actually, opensips restarted
without error but I am unable to perform handshake.
Regards,
On Thu,
Hi Ali,
Glad the suggestions were helpful.
The certificate is just a regular SSL cert, in PEM format just with a
different file extension. Depending on your implementation you might want
to look into public verifiable certificates (if you're public facing) -
available for free if you want to
Dear Callum,
Thanks a lot. it help me to establish a TLS connection with ECDH suite. but
I used my own certificate.pem rather than the one you mentioned sip.crt.
Actually, I couldn't figure out from where I can get this kind of .crt
files.
On Mon, Jan 20, 2020 at 11:49 AM Callum Guy wrote:
> Hi
Hi Ali,
You'll need to setup your cipher list and DH file. You can generate a DH
param file like this: *openssl dhparam -out dhparam.pem 4096*
If you want to review locally available cipher suites you can run: *openssl
ciphers -v*
The OpenSIPs documentation clarifies the module configuration
Hello every one.
I am trying to test TLS in OpenSIPS 2.4, the testing is going fine but it
only support certain cipher suite methods such as (
AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,CAMELLIA256-SHA,AES128-SHA,SEED-SHA,CAMELLIA128-SHA,RC4-SHA,DES-CBC3-SHA
)
For some reason, I need to use ECDHE