hi all
wondering if any of you has the experience of TLS decrypting, SIP client has problem while calling each other, but we are using TLS for communication protocol.....facing problem debugging it.....
Best Regards, Rex Lin
Hi,
http://wiki.snom.com/FAQ/How_to_decode_TLS_calls_using_wireshark
Additionally you need make sure to not use a DH enumeral cipher (client/server) if you want to decrypt the SIP TLS traffic.
BR
Max M.
On 20.03.2017 09:04, Rex Lin (林昱頡) wrote:
hi all
wondering if any of you has the experience of TLS decrypting, SIP client has problem while calling each other, but we are using TLS for communication protocol.....facing problem debugging it.....
Best Regards, Rex Lin
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hi Max,
No Diffie Hellman confirmed, we use RSA cipher instead. I found that the problem was the TLS version; I could see nothing while the TLS.cfg method was configured as version 1.2, but it's okay now after switched to version 1.0, but version 1.0 is an obsolete choice so I would rather the v1.2 if possible. Much appreciate if anyone could help with this question.
Best Regards, Rex Lin
From: sr-users [mailto:sr-users-bounces@lists.sip-router.org] On Behalf Of Max Muhlbronner Sent: Monday, March 20, 2017 4:34 PM To: sr-users@lists.sip-router.org Subject: Re: [SR-Users] wiresharking TLS problem
Hi,
http://wiki.snom.com/FAQ/How_to_decode_TLS_calls_using_wireshark
Additionally you need make sure to not use a DH enumeral cipher (client/server) if you want to decrypt the SIP TLS traffic.
BR
Max M.
On 20.03.2017 09:04, Rex Lin (林昱頡) wrote:
hi all
wondering if any of you has the experience of TLS decrypting,
SIP client has problem while calling each other, but we are using TLS for communication protocol.....facing problem debugging it.....
Best Regards,
Rex Lin
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.orgmailto:sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hello,
do you want to see the traffic from devices or want to use for troubleshooting some app? If the second, then it might be easier to just set the NULL encryption algorithm. Some tips and tricks to debug TLS connections are collected at:
- https://www.kamailio.org/wiki/tutorials/tls/testing-and-debugging
Cheers, Daniel
On 27/03/2017 05:08, Rex Lin (林昱頡) wrote:
Hi Max,
No Diffie Hellman confirmed, we use RSA cipher instead.
I found that the problem was the TLS version;
I could see nothing while the TLS.cfg method was configured as version 1.2, but it's okay now after switched to version 1.0, but version 1.0 is an obsolete choice so I would rather the v1.2 if possible.
Much appreciate if anyone could help with this question.
Best Regards,
Rex Lin
*From:*sr-users [mailto:sr-users-bounces@lists.sip-router.org] *On Behalf Of *Max Muhlbronner *Sent:* Monday, March 20, 2017 4:34 PM *To:* sr-users@lists.sip-router.org *Subject:* Re: [SR-Users] wiresharking TLS problem
Hi,
http://wiki.snom.com/FAQ/How_to_decode_TLS_calls_using_wireshark
Additionally you need make sure to not use a DH enumeral cipher (client/server) if you want to decrypt the SIP TLS traffic.
BR
Max M.
On 20.03.2017 09:04, Rex Lin (林昱頡) wrote:
hi all wondering if any of you has the experience of TLS decrypting, SIP client has problem while calling each other, but we are using TLS for communication protocol.....facing problem debugging it..... Best Regards, Rex Lin _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Max Mühlbronner -
Rex Lin (林昱頡)