Asteirsk 1.8 + TLS + SPA2102

Hi All,
I am trying to configure Asterisk 1.8.1 box with TLS. I followed the voip-info.org/wiki/view/SIP+TLS and i got all working. I am able to use TLS with softphones (phonelite) but when i am trying to use SPA2102 i am getting following error:
== Problem setting up ssl connection: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Dec 12 13:24:04 WARNING12803: tcptls.c:218 handle_tcptls_connection: FILE * open failed!

Some one please help me out. I need quick response, please help.

Howdy,

Try tlsv1 instead of the sslv3 as the TLS protocol that you configure on the SPA2102.

Thanks for your reply.

SPA2102 has only one option for TLS i can choose from under sip settings.

Please suggest.

So the SPA2102 doesn’t support TLSv1? Is there a firmware upgrade that offers this support?

This thread:
cisco-support2.uat3.hosted.jive … 021542.pdf

Indicates some problem with the SPA2102 in supporting SRTP for non-Cisco equipment. This is not TLS support, but it points to the SPA2102 not being a good device for secure calling, since enabling TLS without SRTP isn’t totally effective - your calls are still vulnerable to snooping by anyone who captures the RTP.

Cheers.

thanks for your help. I got it fixed, i commented ;tlscipher=DES-CBC3-SHA in sip.conf and SPA2102 is working with tlsv1. We traced the packets also, server and SPA can communicate with using TLS.

If any one need SPA2102 working with asterisk + TLS, please follow link i posted in my first post but just do not add tlscipher=DES-CBC3-SHA or comment it out.

Good to know, thanks. :smile: