Asterisk and tls renegotiation: no way to disable it except using 1_3?

pnirru · January 27, 2025, 9:26pm

As I know tls 1_3 don’t use the renegotiation, more info about renegotiation are here

The problem is a lot of clients, softphones don’t support tls 1_3, they support only tls_1_2.
The question is: there is way/mode to disable re-negotiation on tls 1_2 in pjsip?
Some software (postfix for example) admit the use of tls 1_2 + renegotiation disabled ( tls_ssl_options = NO_RENEGOTIATION)

jcolp · January 28, 2025, 9:11am

There is no configuration or support for such a thing. You can submit a feature request here[1].

[1] GitHub · Where software is built

Topic		Replies	Views
Enable TLSv1.2 only in SIP/TLS transport Asterisk SIP	6	10021	May 24, 2019
Please a little help to enable tls1_3 on pjsip Asterisk SIP	3	995	March 23, 2023
TLS renegotiation Attack Asterisk Support	0	306	June 14, 2012
Asterisk 13 - Force TLSv1.2 Asterisk Support	3	1907	June 13, 2017
Pjsip ssl method Asterisk SIP	3	464	December 2, 2022

Asterisk and tls renegotiation: no way to disable it except using 1_3?

Related topics