Currently, I faced a problem regarding SRTP outbound call to user (Leg B).
The scenario is like the following:
We set up our own root CA to an IP address (e.g 192.168.0.13) We create a server certificate for freeswitch at 192.168.0.13 Linphone is used as SIP client and is configured to trust our root CA by default. (1) Linphone A is configured to register to Freeswitch via TLS + SRTP. (One leg call to server has both SIPs and SRTP – completely secure). (2) Linphone B is registered to Freeswitch via TLS + SRTP, and waiting for Linphone A to call to. (One leg call to server, e.g. 9196 (echo test), is completely secure with SRTP + SIPs)
Unfortunately, if A call to B, only A leg has SIPs + SRTP, but Leg B is not encrypted with SRTP and SIPs at all. This causes SRTP unprotect failed with code 7 (auth check failed).
Dialplan Configuration
The dial-string is
- Directory Configruation:
<param name="dial-string" value="{rtp_secure_media=${regex(${sofia_contact(${dialed_user}@${dialed_domain})}|transport=tls)},presence_id=${dialed_user}@${dialed_domain}}${sofia_contact(${dialed_user}@${dialed_domain})}" />
My question is that, is there any configuration left that I have to set up in order to let freeswitch initiate an outbound call to Leg B correctly with SRTP and SIPs (tls)?
Any help would be really appreciated
