I’m on asterisk 18, compiled on Slackware 15
with pjsip 2.12.1
On pjsip.conf if I use
method=tlsv1_2
enable tls 1.2 OK
But if I want tls1.3…
method=tlsv1_3
give me error!
if I use
method=default
it enable…tls1!
Someone know a workaround or how to enable tls 1_3?
Thanks
Solution found.
a)Recompile pjsip with this patch
--- pjproject-2.12.1/pjsip/include/pjsip/sip_transport_tls.h 2023-02-21 00:23:36.665297731 +0100
+++ pjproject-2.12.1/pjsip/include/pjsip/sip_transport_tls.h 2023-02-21 00:23:58.331806349 +0100
@@ -48,7 +48,7 @@
* Default is PJSIP_TLSV1_METHOD
*/
#ifndef PJSIP_SSL_DEFAULT_METHOD
-# define PJSIP_SSL_DEFAULT_METHOD PJSIP_TLSV1_METHOD
+# define PJSIP_SSL_DEFAULT_METHOD PJSIP_TLSV1_3_METHOD
#endif
b)remove method line from pjsip.conf
c)restart asterisk and test with those commands
openssl s_client -connect asterisk1.blu.priv:5061 -tls1_1 MUST FAIL
openssl s_client -connect asterisk1.blu.priv:5061 -tls1_2 MUST FAIL
openssl s_client -connect asterisk1.blu.priv:5061 -tls1_3 OK!
d)remind a lot of client and server don’t support tls1_3
Thank you. Very useful HowTo
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.