Yes, the default of PJSIP is TLS 1.0-only and therefore a disaster. With that parameter value above, you change to auto-negotiation. However, if you upgrade your OpenSSL to 1.1 or newer, PJSIP auto-negotiates even on default. If you want to take greater control about this, there is a dedicated thread…