Jump to content
PortSIP PBX for Unified Communications
tom

How to switch on TLS

Recommended Posts

VoIP SDK for Android:

I can connect (and make calls) using UDP and non encrypted.

When trying to register to a server that supports TLS ( 3cx one.. so i changed the user agent)

In the logfile i don't see the transport=TLS on the REGISTER sip packet (from the PortSip logfiles on the Android Device) and the registration fails, in a way that nothing is returned because the server enforces TLS.

REGISTER sip:tomschuring.3cx.com.au SIP/2.0
Via: SIP/2.0/ ;branch=z9hG4bK-524287-1---909aab6838f68476;rport
Max-Forwards: 70
Contact: <sip:0001>;+sip.instance="<urn:uuid:00000000-0000-0000-0000-000000000000>"
To: "0001"<sip:0001@tomschuring.3cx.com.au>
From: "0001"<sip:0001@tomschuring.3cx.com.au>;tag=ff043c28
Call-ID: QtMyUk_cOQMsiRoZBRn1wQ..
CSeq: 1 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO, PUBLISH
Supported: replaces, answermode, eventlist, outbound, path
User-Agent: Mti Voip Android
Allow-Events: hold, talk, conference
Content-Length: 0

doing the same via zoiper (which works) (logfile from the 3cx logging):

REGISTER sip:tomschuring.3cx.com.au;transport=TLS SIP/2.0
Via: SIP/2.0/TLS 192.168.2.43:64452;branch=z9hG4bK-524287-1---2515daffa981f4f2;rport=43265;received=58.96.100.67
Max-Forwards: 70
Contact: <sip:0001@58.96.100.67:43265;transport=TLS;rinstance=50884b26a10338eb>
To: <sip:0001@tomschuring.3cx.com.au;transport=TLS>
From: <sip:0001@tomschuring.3cx.com.au;transport=TLS>;tag=91720029
Call-ID: W0DXHb3dRylXW3Lr-pV-YA..
CSeq: 2 REGISTER
Expires: 60
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
Proxy-Authorization: Digest username="nt6rfTwEKY",realm="3CXPhoneSystem",nonce="414d53595e3a14de29:36416f59986eecbd253ea1b31aef35ea",uri="sip:tomschuring.3cx.com.au;transport=TLS",response="1c48ab0ab1c43ea42a01f047108baeb4",algorithm=MD5
User-Agent: Zoiper rv2.10.6.2
Allow-Events: presence, kpml, talk
Content-Length: 0

 

To try to switch on TLS i Initialize like :

instance.mEngine.initialize(TRANSPORT_TYPE.TRANSPORT_TLS, "0.0.0.0", 5060,
                    PORTSIP_LOG_LEVEL.PORTSIP_LOG_DEBUG, GetExternalFilesDir(null).AbsolutePath,
                    1, "Mti Voip Android", 0, 0, "", "", false);

instance.mEngine.setSrtpPolicy(SRTP_POLICY.SRTP_POLICY_FORCE);
instance.mEngine.setLicenseKey("REDACTED");
instance.mEngine.enable3GppTags(false);

but the REGISTER isn't using the transport=TLS ? 
What else do i need to do to get it to work ? 

 

Share this post


Link to post
Share on other sites
2 hours ago, tom said:

VoIP SDK for Android:

I can connect (and make calls) using UDP and non encrypted.

When trying to register to a server that supports TLS ( 3cx one.. so i changed the user agent)

In the logfile i don't see the transport=TLS on the REGISTER sip packet (from the PortSip logfiles on the Android Device) and the registration fails, in a way that nothing is returned because the server enforces TLS.


REGISTER sip:tomschuring.3cx.com.au SIP/2.0
Via: SIP/2.0/ ;branch=z9hG4bK-524287-1---909aab6838f68476;rport
Max-Forwards: 70
Contact: <sip:0001>;+sip.instance="<urn:uuid:00000000-0000-0000-0000-000000000000>"
To: "0001"<sip:0001@tomschuring.3cx.com.au>
From: "0001"<sip:0001@tomschuring.3cx.com.au>;tag=ff043c28
Call-ID: QtMyUk_cOQMsiRoZBRn1wQ..
CSeq: 1 REGISTER
Expires: 3600
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, REGISTER, SUBSCRIBE, INFO, PUBLISH
Supported: replaces, answermode, eventlist, outbound, path
User-Agent: Mti Voip Android
Allow-Events: hold, talk, conference
Content-Length: 0

doing the same via zoiper (which works) (logfile from the 3cx logging):


REGISTER sip:tomschuring.3cx.com.au;transport=TLS SIP/2.0
Via: SIP/2.0/TLS 192.168.2.43:64452;branch=z9hG4bK-524287-1---2515daffa981f4f2;rport=43265;received=58.96.100.67
Max-Forwards: 70
Contact: <sip:0001@58.96.100.67:43265;transport=TLS;rinstance=50884b26a10338eb>
To: <sip:0001@tomschuring.3cx.com.au;transport=TLS>
From: <sip:0001@tomschuring.3cx.com.au;transport=TLS>;tag=91720029
Call-ID: W0DXHb3dRylXW3Lr-pV-YA..
CSeq: 2 REGISTER
Expires: 60
Allow: INVITE, ACK, CANCEL, BYE, NOTIFY, REFER, MESSAGE, OPTIONS, INFO, SUBSCRIBE
Proxy-Authorization: Digest username="nt6rfTwEKY",realm="3CXPhoneSystem",nonce="414d53595e3a14de29:36416f59986eecbd253ea1b31aef35ea",uri="sip:tomschuring.3cx.com.au;transport=TLS",response="1c48ab0ab1c43ea42a01f047108baeb4",algorithm=MD5
User-Agent: Zoiper rv2.10.6.2
Allow-Events: presence, kpml, talk
Content-Length: 0

 

To try to switch on TLS i Initialize like :


instance.mEngine.initialize(TRANSPORT_TYPE.TRANSPORT_TLS, "0.0.0.0", 5060,
                    PORTSIP_LOG_LEVEL.PORTSIP_LOG_DEBUG, GetExternalFilesDir(null).AbsolutePath,
                    1, "Mti Voip Android", 0, 0, "", "", false);

instance.mEngine.setSrtpPolicy(SRTP_POLICY.SRTP_POLICY_FORCE);
instance.mEngine.setLicenseKey("REDACTED");
instance.mEngine.enable3GppTags(false);

but the REGISTER isn't using the transport=TLS ? 
What else do i need to do to get it to work ? 

 

If you run our sample projct and test with TLS, does it work fine ?

Share this post


Link to post
Share on other sites
35 minutes ago, admin said:

If you run our sample projct and test with TLS, does it work fine ?

The sample application doesn't have any TLS options at all.

Just a Username, Password, SiIPServer SIPServerPort and then 3 buttons saying "Online" "Offline" and "Quit"

is there a newer sample project ?

 

Share this post


Link to post
Share on other sites

SIPSample can choose the Transport to TLS.

Please check your TLS port is correct.

Please give me anSIP account on your server, i will use test it.

Screenshot_20200206-002417.png

Share this post


Link to post
Share on other sites

Hello Joe,

thank you for your help.. you were correct.. the port was 5061 and then it all started to work !!

Kind Regards,

Tom

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...