Asterisk TLS cipher limitation

Get help with installing, upgrading and running Asterisk.

Moderators: muppetmaster, Moderator, Support

Asterisk TLS cipher limitation

Postby rustuuludas » Tue Nov 24, 2015 1:03 am

Hello

I am looking for a way to limit asterisk TLS negotiation ciphers.

When I run "pjsip list ciphers" I see a lot of cipher but I want to block all negotiontions with cipher RC4.

When I put only one cipher to transport config

[transport-ws]
type=transport
protocol=ws
bind=0.0.0.0:8088

[transport-wss]
type=transport
protocol=wss
;bind=0.0.0.0
bind=0.0.0.0:8089
cipher=ECDHE-RSA-AES256-GCM-SHA384
method=tlsv1

it still response to connect attempts with RC4 cipher ;

openssl s_client -connect localhost:8089 -tls1 -cipher RC4-SHA

New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE


I am looking for a solution. Would you please advise a way to achieve it.

Regards.
rustuuludas
Newsterisk
 
Posts: 3
Joined: Mon May 25, 2015 1:43 am

Return to Asterisk Support

Who is online

Users browsing this forum: No registered users and 1 guest

cron