You can capture pcap via TLS port and check using Wireshark. It may provided some info.
On Thu, Feb 23, 2023, 8:33 PM <[email protected]> wrote: > Hello, > > We have one Kamailio Instance connected with MS Teams (based on this > instruction: https://skalatan.de/en/blog/kamailio-sbc-teams), which > worked fine for a while until recently we noticed that calls from teams are > not working anymore. When I looked through the logs I found that Microsoft > cannot establish a TLS connection to our server because of the cipher: > TLS accept:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared > cipher (sni: sbc.example.com - domain is obfuscated). > Certificate is valid, the configuration is below: > > [server:default] > method = TLSv1.2+ > verify_certificate = no > require_certificate = no > private_key = /usr/local/etc/kamailio/certs/ > example.net/sbc1-teams_example_net.key > certificate = /usr/local/etc/kamailio/certs/ > example.net/sbc1-teams_example_net.crt > server_name = sbc1-teams.example.net > ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem > #ca_list=/etc/ssl/certs/ca-bundle.crt > > [client:default] > method = TLSv1.2+ > verify_certificate = no > require_certificate = no > private_key = /usr/local/etc/kamailio/certs/ > example.net/sbc1-teams_example_net.key > certificate = /usr/local/etc/kamailio/certs/ > example.net/sbc1-teams_example_net.crt > ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem > #ca_list=/etc/ssl/certs/ca-bundle.crt > > We use a certificate from Sectigo, but I've tried with Let's Encrypt - and > it's the same. Any idea what could be the reason? > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
