Also , forgot to mention that on the same centos 8 host, I sent openssl s_client to port 5061 using TLS 1.2 and it does not send session ID information in the clientHello TLS handshake message. On Sunday, March 7, 2021, 04:01:02 PM PST, Rupesh Kumar rupesh_kumar@sbcglobal.net wrote:
Hi, I am running kamailio 5.2.6 on centos 8 and openssl 1.1.1c and connecting and using it as a proxy sip endpoints to a legacy PBX over TLS. The connection to the backend PBX is over TLS 1.2 . Whenever kamailio initiates a TLS connection to the PBX, it uses session ID and a random session id . The server side has a bug and cannot handle the TLS session resuse apparently because of some bug/issue in caching the TLS sessions. The renegotiation and session_cache is by default turned off and I also explicitly set to 0 via modparam but kamailio would always send the session ID in the initial client hello and this is causing us trouble. Any help would be greatly appreciated. https://kamailio.org/docs/modules/5.2.x/modules/tls.html#tls.p.renegotiation
Regards, RK_______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users