[OpenSIPS-Users] AES + Opensip

Răzvan Crainea razvan at opensips.org
Wed Nov 15 04:43:16 EST 2017


Hi, Eust!

As Daniel already pointed out, AES is a cipher, not an encryption 
mechanism. If you want to use AES encryption for your traffic, simply 
configure TLS to use an AES cipher by setting the ciphers_list parameter[1].
To find out the available AES ciphers, run on your machine:
openssl ciphers

Then choose one (or more) ciphers and feed them to the ciphers_list 
parameters. For example:
modparam("tls_mgm", "ciphers_list", 
"ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384")

The previous configuration specifies 3 AES ciphers that can be used for 
TLS encryption.

In my opinion I don't see how further this could get, unless you provide 
us a more detailed requirement or something specific you want to do.

PS: my system uses 50 AES based ciphers and only 7 other ciphers, so I 
am pretty sure that any TLS session is most likely using an AES based 
cipher.

[1] http://www.opensips.org/html/docs/modules/2.4.x/tls_mgm#idp5669152

Best regards,

Răzvan Crainea
OpenSIPS Developer
www.opensips-solutions.com

On 11/14/2017 09:52 PM, Eust wrote:
> Hi,
>
> thanks for the explanation, il see what can be done, sadly there is not much
> information on OpenSips + AES but il try and see if I can figure it out.
>
> If someone has done some research before or tried it out id be grateful for
> some info. :)
>
> Thanks.
>
> Eust
>
>
>
> --
> Sent from: http://opensips-open-sip-server.1449251.n2.nabble.com/OpenSIPS-Users-f1449235.html
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users




More information about the Users mailing list