Hi
vitalpbx use centos 7.9 but openssl version is too old.
OpenSSL 1.0.2K 2017
now, popular version is 1.1.1l there are many ciphers for TLS, SRTP
wish it would update
thanks
Hi
vitalpbx use centos 7.9 but openssl version is too old.
OpenSSL 1.0.2K 2017
now, popular version is 1.1.1l there are many ciphers for TLS, SRTP
wish it would update
thanks
That’s what Centos 7 Offers. If you want to install that version of OpenSSL, here’s a step-by-step tutorial that might help.
Hi miguel
thannk for reply
could i reinstall Vitalpbx ?
how to i check update it ?
thanks
nothing change before and after what update openssl
*CLI> pjsip list ciphers
Available ciphers: ‘ECDHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, ECDHE-ECDSA-AES256-SHA, DH-DSS-AES256-GCM-SHA384, DHE-DSS-AES256-GCM-SHA384, DH-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-SHA256, DHE-DSS-AES256-SHA256, DH-RSA-AES256-SHA256, DH-DSS-AES256-SHA256, DHE-RSA-AES256-SHA, DHE-DSS-AES256-SHA, DH-RSA-AES256-SHA, DH-DSS-AES256-SHA, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, DH-RSA-CAMELLIA256-SHA, DH-DSS-CAMELLIA256-SHA, AECDH-AES256-SHA, ADH-AES256-GCM-SHA384, ADH-AES256-SHA256, ADH-AES256-SHA, ADH-CAMELLIA256-SHA, ECDH-RSA-AES256-GCM-SHA384, ECDH-ECDSA-AES256-GCM-SHA384, ECDH-RSA-AES256-SHA384, ECDH-ECDSA-AES256-SHA384, ECDH-RSA-AES256-SHA, ECDH-ECDSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, CAMELLIA256-SHA, PSK-AES256-CBC-SHA, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-ECDSA-AES128-SHA, DH-DSS-AES128-GCM-SHA256, DHE-DSS-AES128-GCM-SHA256, DH-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-SHA256, DHE-DSS-AES128-SHA256, DH-RSA-AES128-SHA256, DH-DSS-AES128-SHA256, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA, DH-RSA-AES128-SHA, DH-DSS-AES128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, DH-RSA-SEED-SHA, DH-DSS-SEED-SHA, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, DH-RSA-CAMELLIA128-SHA, DH-DSS-CAMELLIA128-SHA, AECDH-AES128-SHA, ADH-AES128-GCM-SHA256, ADH-AES128-SHA256, ADH-AES128-SHA, ADH-SEED-SHA, ADH-CAMELLIA128-SHA, ECDH-RSA-AES128-GCM-SHA256, ECDH-ECDSA-AES128-GCM-SHA256, ECDH-RSA-AES128-SHA256, ECDH-ECDSA-AES128-SHA256, ECDH-RSA-AES128-SHA, ECDH-ECDSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, SEED-SHA, CAMELLIA128-SHA, PSK-AES128-CBC-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA, DH-RSA-DES-CBC3-SHA, DH-DSS-DES-CBC3-SHA, AECDH-DES-CBC3-SHA, ADH-DES-CBC3-SHA, ECDH-RSA-DES-CBC3-SHA, ECDH-ECDSA-DES-CBC3-SHA, DES-CBC3-SHA, IDEA-CBC-SHA, PSK-3DES-EDE-CBC-SHA, KRB5-IDEA-CBC-SHA, KRB5-DES-CBC3-SHA, KRB5-IDEA-CBC-MD5, KRB5-DES-CBC3-MD5, ECDHE-RSA-RC4-SHA, ECDHE-ECDSA-RC4-SHA, AECDH-RC4-SHA, ADH-RC4-MD5, ECDH-RSA-RC4-SHA, ECDH-ECDSA-RC4-SHA, RC4-SHA, RC4-MD5, PSK-RC4-SHA, KRB5-RC4-SHA, KRB5-RC4-MD5, ECDHE-RSA-NULL-SHA, ECDHE-ECDSA-NULL-SHA, AECDH-NULL-SHA, ECDH-RSA-NULL-SHA, ECDH-ECDSA-NULL-SHA, NULL-SHA256, NULL-SHA, NULL-MD5’
For Asterisk, I guess you have to recompile it. I do not advise you to do that, so if you do it, is at your own risk.
Hi miguel
thanks for reply
i hope so it change when debian version comes out.
thanks
Hi miguel
i got somthing.
maybe it will help to update openssl 1.1.1
thanks