Hello, Please keep the list in CC.
Regarding opening new TLS 1.3 connection, this should work, but did not tested it right now. If not, open an issue on our tracker. Regarding the option to restrict to only TSLv1.3 connection - I have added support for configuring this to git master version in commit 105600b3. Maybe you can give it a try, the patch should probably apply to 5.6.x branch. Cheers, Henning From: Helio <[email protected]> Sent: Wednesday, August 17, 2022 2:52 PM To: Henning Westerholt <[email protected]> Subject: Re: [SR-Users] TLSv1.3 support Regarding the full support, I would like to know if Kamailio can start a TLSv1.3 connection as a client. Another point is if we can restrict to accept only TLS v1.3 and not TLSv1.2 for instance. Thanks, Helio Em ter., 16 de ago. de 2022 às 11:45, Henning Westerholt <[email protected]<mailto:[email protected]>> escreveu: Hello, not sure about the question about “full support”, maybe you can add details. Kamailio supports connection with TLSv1.3: $ openssl s_client -connect kam04.tst.domain.net:5061<http://kam04.tst.domain.net:5061> -tls1_3 2>&1 | tail -n 10 New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 4096 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) Cheers, Henning From: sr-users <[email protected]<mailto:[email protected]>> On Behalf Of Helio Sent: Monday, August 15, 2022 8:01 PM To: [email protected]<mailto:[email protected]> Subject: [SR-Users] TLSv1.3 support Hello, I noticed that Kamailio has option TLSv1.2+. Does the Kamailio support full TLSv1.3? Or does it have any restrictions? BR,
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
