[SR-Users] Kamailio 4.3 decrypting SIP-TLS

Anthony Alba ascanio.alba7 at gmail.com
Sat Feb 17 18:10:27 CET 2018

On Fri, Feb 16, 2018 at 08:28:49PM +0000, Remsik,Robert wrote:
> Hello!
> I'm working on setting up our kamailio instance to use TLS for inter-phone communication and so far I've been able to configure the GUI 
> and get it to work which is great.  However, I'm trying to grab a packet capture and decode the TLS session to get the SIP ladder (so I 
> can troubleshoot issues) and so far I've been unable to.  I've been following the article at: http://packetpushers.net/using-wireshark-t
> o-decode-ssltls-packets/ and using the kamailio self-signed cert as I think that's the cert being used with no success.  I'm getting the
>  Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) which doesn't use perfect forward secrecy so it should be able to be decoded.
> Is there a way to decode the kamailio TLS encoded communications so I can troubleshoot issues that may come up?

You could dump the pseudo-var $mb  using the corex module in the
event_route[network:msg] hook. https://kamailio.org/docs/modules/4.3.x/modules/corex.html


More information about the sr-users mailing list