Hello,

We have one Kamailio Instance connected with MS Teams (based on this instruction: https://skalatan.de/en/blog/kamailio-sbc-teams), which worked fine for a while until recently we noticed that calls from teams are not working anymore. When I looked through the logs I found that Microsoft cannot establish a TLS connection to our server because of the cipher:
TLS accept:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher (sni: sbc.example.com - domain is obfuscated).
Certificate is valid, the configuration is below:

[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key
certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt
server_name = sbc1-teams.example.net
ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem
#ca_list=/etc/ssl/certs/ca-bundle.crt

[client:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key
certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt
ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem
#ca_list=/etc/ssl/certs/ca-bundle.crt

We use a certificate from Sectigo, but I've tried with Let's Encrypt - and it's the same. Any idea what could be the reason?
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe: