[SR-Users] client TLS session reuse problem

Rupesh Kumar rupesh_kumar at sbcglobal.net
Mon Mar 8 01:33:06 CET 2021


 Also , forgot to mention that on the same centos 8 host, I sent openssl s_client to port 5061 using TLS 1.2 and it does not send session ID information in the clientHello TLS handshake message.
    On Sunday, March 7, 2021, 04:01:02 PM PST, Rupesh Kumar <rupesh_kumar at sbcglobal.net> wrote:  
 
 Hi,
I am running kamailio 5.2.6 on centos 8 and openssl 1.1.1c and connecting and using it as a proxy sip endpoints to a legacy PBX over TLS.
The connection to the backend PBX is over TLS 1.2 . Whenever kamailio initiates a TLS connection to the PBX, it uses session ID and a random session id . The server side has a bug and cannot handle the TLS session resuse apparently because of some bug/issue in caching the TLS sessions.
The renegotiation and session_cache is by default turned off and I also explicitly set to 0 via modparam but kamailio would always send the session ID in the initial client hello and this is causing us trouble. Any help would be greatly appreciated.
https://kamailio.org/docs/modules/5.2.x/modules/tls.html#tls.p.renegotiation

Regards,
RK_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210308/1946054d/attachment.htm>


More information about the sr-users mailing list