<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif;" dir="ltr">
<p style="margin-top:0;margin-bottom:0">Cool, I will check that out. Thank you. :)</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<div id="Signature">
<div id="divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:rgb(0,0,0); background-color:rgb(255,255,255); font-family:Calibri,Arial,Helvetica,sans-serif,EmojiFont,"Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols">
<div style="font-family:Tahoma; font-size:13px">
<div>
<div>
<p style="font-family:Tahoma; font-size:13px"></p>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p>Robert Remsik</p>
<p>Telecom</p>
<p>Desk Phone: 970 491 7120</p>
<p>Robert.Remsik@colostate.edu</p>
<p style="font-family:Tahoma; font-size:13px"></p>
</div>
</div>
</div>
</div>
</div>
</div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Daniel-Constantin Mierla <miconda@gmail.com><br>
<b>Sent:</b> Tuesday, February 20, 2018 1:16:59 AM<br>
<b>To:</b> Kamailio (SER) - Users Mailing List; Remsik,Robert<br>
<b>Subject:</b> Re: [SR-Users] Kamailio 4.3 decrypting SIP-TLS</font>
<div> </div>
</div>
<div style="background-color:#FFFFFF">
<p>Hello,</p>
<p><br>
</p>
<p>for Kamailio v4.3 you can print is syslog the $mb as it was suggested in the other response (<a class="x_moz-txt-link-freetext" href="https://lists.kamailio.org/pipermail/sr-users/2018-February/100378.html">https://lists.kamailio.org/pipermail/sr-users/2018-February/100378.html</a>),
you can do that in request_route or onreply_route. In onsend_route you can print $snd(buf).</p>
<p><br>
</p>
<p>Then there is siptrace module that can work standalone and store sip traffic in a database table.</p>
<p><br>
</p>
<p>If you have a production system with lot of traffic, Homer Sipcapture project might be something to consider -- kamailio has the modules siptrace and sipcapture.</p>
<p><br>
</p>
<p>I also want to highlight that v5.1 has a new module sipdump that should simplify the capture of sip traffic:</p>
<p><br>
</p>
<p> * <a class="x_moz-txt-link-freetext" href="https://www.kamailio.org/docs/modules/stable/modules/sipdump.html">
https://www.kamailio.org/docs/modules/stable/modules/sipdump.html</a></p>
<p><br>
</p>
<p>I added it because I needed to look at tls traffic while developing/debugging.</p>
<p><br>
</p>
<p>Cheers,<br>
Daniel<br>
</p>
<br>
<div class="x_moz-cite-prefix">On 16.02.18 21:28, Remsik,Robert wrote:<br>
</div>
<blockquote type="cite"><style type="text/css" style="display:none">
<!--
p
{margin-top:0;
margin-bottom:0}
-->
</style>
<div id="x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; font-family:Calibri,Helvetica,sans-serif">
<p style="margin-top:0; margin-bottom:0">Hello!</p>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<p style="margin-top:0; margin-bottom:0">I'm working on setting up our kamailio instance to use TLS for inter-phone communication and so far I've been able to configure the GUI and get it to work which is great. However, I'm trying to grab a packet capture
and decode the TLS session to get the SIP ladder (so I can troubleshoot issues) and so far I've been unable to. I've been following the article at: <a href="http://packetpushers.net/using-wireshark-to-decode-ssltls-packets/" class="x_OWAAutoLink" id="LPlnk787507">http://packetpushers.net/using-wireshark-to-decode-ssltls-packets/</a> and
using the kamailio self-signed cert as I think that's the cert being used with no success. I'm getting the
<span style="font-size:12pt">Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) which doesn't use perfect forward secrecy so it should be able to be decoded.</span></p>
<p style="margin-top:0; margin-bottom:0"><span style="font-size:12pt"><br>
</span></p>
<p style="margin-top:0; margin-bottom:0">Is there a way to decode the kamailio TLS encoded communications so I can troubleshoot issues that may come up?</p>
<div><br>
</div>
Thank you in advance,
<div>Robert<br>
<p style="margin-top:0; margin-bottom:0"><br>
</p>
<div id="x_Signature">
<div id="x_divtagdefaultwrapper" dir="ltr" style="">
<div style="font-family:Tahoma; font-size:13px">
<div>
<div>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p style="font-family:Tahoma; font-size:13px"><br>
</p>
<p>Robert Remsik</p>
<p>Telecom</p>
<p>Desk Phone: 970 491 7120</p>
<p><a class="x_moz-txt-link-abbreviated" href="mailto:Robert.Remsik@colostate.edu">Robert.Remsik@colostate.edu</a></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="x_mimeAttachmentHeader"></fieldset> <br>
<pre>_______________________________________________
Kamailio (SER) - Users Mailing List
<a class="x_moz-txt-link-abbreviated" href="mailto:sr-users@lists.kamailio.org">sr-users@lists.kamailio.org</a>
<a class="x_moz-txt-link-freetext" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<br>
<pre class="x_moz-signature" cols="72">--
Daniel-Constantin Mierla
<a class="x_moz-txt-link-abbreviated" href="http://www.twitter.com/miconda">www.twitter.com/miconda</a> -- <a class="x_moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda">www.linkedin.com/in/miconda</a>
Kamailio Advanced Training - March 5-7, 2018, Berlin - <a class="x_moz-txt-link-abbreviated" href="http://www.asipto.com">www.asipto.com</a>
Kamailio World Conference - May 14-16, 2018 - <a class="x_moz-txt-link-abbreviated" href="http://www.kamailioworld.com">www.kamailioworld.com</a></pre>
</div>
</body>
</html>