[jitsi-users] Jitsi configuration for SRTP


#1

Hello to everybody,

I'm new to this mailing list since I've just started to evaluate Jitsi
communicator.

I need to place SIP calls to and receive SIP calls from other clients
registered with the same Asterisk box (v. 1.8.3.2), using TLS/SRTP
encryption (mandatory). I was making some tests with a Jitsi client and a
Blink client (some users like this softphone, while I prefer Jitsi) on a
Windows XP SP3 machine. When using two Blink clients everything works fine,
but if I try to connect a Jitsi client with a Blink client I cannot make it
work.

The Jitsi client registers with the Asterisk server (it processes the
certificate without problems) but when I try to place a call to the Blink
client I get a "Call failed - Not acceptable here" error and the Asterisk
CLI logs "WARNING[3006]: chan_sip.c:8432 process_sdp: Matched device setup
to use SRTP, but request was not!" (see Asterisk SIP trace Jitsi_caller.txt
attached).

Similarly, If I try to place a call from the Blink client to Jitsi, the
client rings but the call is dropped as soon as I press the Answer button
(see Asterisk SIP trace Jitsi_callee.txt attached).

Maybe I am missing some configuration detail, since it seems that the Jitsi
client is expected to use SRTP while it doesn't.

Any help would be greatly appreciated.

Regards,

Carmelo Fischetti

Jitsi_callee.txt (26 KB)

Jitsi_caller.txt (16.7 KB)


#2

Hey Carmelo,

Jitsi does support SRTP but it does so through ZRTP key negotiation.
This has the advantage of providing end-to-end encryption (contrary to
the standard SRTP impl in Asterisk that can be eavesdropped on the server).

It is however not supported by Asterisk and you would hence need to use
an actual SIP and RTP proxy in order to have it work.

Hope this helps,
Emil

На 28.04.11 15:58, Carmelo Fischetti - Digi Unit написа:

···

Hello to everybody,

I’m new to this mailing list since I’ve just started to evaluate Jitsi
communicator…

I need to place SIP calls to and receive SIP calls from other clients
registered with the same Asterisk box (v. 1.8.3.2), using TLS/SRTP
encryption (mandatory). I was making some tests with a Jitsi client and
a Blink client (some users like this softphone, while I prefer Jitsi) on
a Windows XP SP3 machine. When using two Blink clients everything works
fine, but if I try to connect a Jitsi client with a Blink client I
cannot make it work.

The Jitsi client registers with the Asterisk server (it processes the
certificate without problems) but when I try to place a call to the
Blink client I get a “Call failed – Not acceptable here” error and the
Asterisk CLI logs “WARNING[3006]: chan_sip.c:8432 process_sdp: Matched
device setup to use SRTP, but request was not!” (see Asterisk SIP trace
Jitsi_caller.txt attached).

Similarly, If I try to place a call from the Blink client to Jitsi, the
client rings but the call is dropped as soon as I press the Answer
button (see Asterisk SIP trace Jitsi_callee.txt attached).

Maybe I am missing some configuration detail, since it seems that the
Jitsi client is expected to use SRTP while it doesn’t.

Any help would be greatly appreciated.

Regards,

Carmelo Fischetti

--
Emil Ivov, Ph.D. 67000 Strasbourg,
Project Lead France
Jitsi
emcho@jitsi.org PHONE: +33.1.77.62.43.30
http://jitsi.org FAX: +33.1.77.62.47.31