Process_sdp: Rejecting secure audio stream without encryption details

Hi every one i was new for asterisk. I have plan to do WEBRTC with asterisk . For this i have gone through the article " "
and connected with asterisk server, but while going the webRTC to sip call using SIPML5. i was getting flowing exception.
== Parsing ‘/usr/src/INSTALL/etc/asterisk/cli_permissions.conf’: Found
== Parsing ‘/usr/src/INSTALL/etc/asterisk/cli.conf’: Found
Asterisk Ready.
== WebSocket connection from ‘192.168.754.158:54053’ for protocol ‘sip’ accepted using version ‘13’
– Registered SIP ‘6001’ at 192.168.754.158:54053

Saved useragent “IM-client/OMA1.0 sipML5-v1.2016.03.04” for peer 6001
== Using SIP RTP CoS mark 5
[May 5 18:08:38] NOTICE[19954][C-00000001]: chan_sip.c:10377 process_sdp: Received SAVPF profle in audio offer but AVPF is not enabled, enabling: audio 52681 UDP/TLS/RTP/SAVPF 111 103 104 9 0 8 106 105 13 110 112 113 126
[May 5 18:08:38] WARNING[19954][C-00000001]: chan_sip.c:10776 process_sdp: Rejecting secure audio stream without encryption details: audio 52681 UDP/TLS/RTP/SAVPF 111 103 104 9 0 8 106 105 13 110 112 113 126

For solving this problem i have changed the configuration in " sip.conf " like


then also same problem

So, please any one can help to come out of this problem

You will need to provide the configuration itself so we can see what it is.

1 Like

thank you for you response jcolp

this is my sip.conf file

context=public ; Default context for incoming calls. Defaults to 'default’
allowguest=yes ; Allow or reject guest calls (default is yes)
; If your Asterisk is connected to the Internet
; and you have allowguest=yes
; you want to check which services you offer everyone

allowoverlap=yes ; Enable RFC3578 overlap dialing support.
; Can use the Incomplete application to collect the

realm=192.168.754.158 ;mydomain.tld ; Realm for digest authentication
; defaults to “asterisk”. If you set a system name in
; asterisk.conf, it defaults to that system name
; Realms MUST be globally unique according to RFC 3261
; Set this to your host name or domain name

udpbindaddr= ; IP address to bind UDP listen socket to ( binds to all)
; Optionally add a port number, (default is port 5060)

tcpenable=yes ; Enable server for incoming TCP connections (default is no)

tcpbindaddr=192.168.754.158 ; IP address for TCP server to bind to ( binds to all interfaces)
; Optionally add a port number, (default is port 5060)

websocket_enabled = true ; Set to false to prevent chan_sip from listening to websockets. This
; is neeeded when using chan_sip and res_pjsip_transport_websockets on
; the same system.

transport=udp,ws,wss ; Set the default transports. The order determines the primary default transport.
; If tcpenable=no and the transport set is tcp, we will fallback to UDP.

srvlookup=yes ; Enable DNS SRV lookups on outbound calls
; Note: Asterisk only uses the first host
; in SRV records
; Disabling DNS SRV lookups disables the
; ability to place SIP calls based on domain
; names to some other SIP users on the Internet
; Specifying a port in a SIP peer definition or
; when dialing outbound calls will supress SRV
; lookups for that peer or call.

disallow=all ; First disallow all codecs
allow=ulaw ; Allow codecs in order of preference
allow=ilbc ; see
; for framing options

encryption=yes ; Whether to offer SRTP encrypted media (and only SRTP encrypted media)
; on outgoing calls to a peer. Calls will fail with HANGUPCAUSE=58 if
; the peer does not support SRTP. Defaults to no.
encryption_taglen=80 ; Set the auth tag length offered in the INVITE either 32/80 default 80

avpf=yes ; Enable inter-operability with media streams using the AVPF RTP profile.

force_avp=yes ; Force ‘RTP/AVP’, ‘RTP/AVPF’, ‘RTP/SAVP’, and ‘RTP/SAVPF’ to be used for
; media streams when appropriate, even if a DTLS stream is present.


;qualify=200 ; Qualify peer is no more than 200ms away
host=dynamic ; This device registers with us
directmedia=no ; Asterisk by default tries to redirect the

basic-options ; a template

natted-phone ; another template inheriting basic-options

public-phone ; another template inheriting basic-options

my-codecs ; a template for my preferred codecs
; Or, more simply:

ulaw-phone ; and another one for ulaw-only
; Again, more simply:

Your configuration is incomplete and won’t work for WebRTC. I would suggest following the tutorial on the wiki[1] as you also have to create certificates for DTLS-SRTP.