Closed Ry0dai closed 8 months ago
Hi @Ry0dai !
sngrep only support a couple insecure cipthers (TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA and TLS_RSA_WITH_AES_256_GCM_SHA384), and needs to capture the initial TLS negotiation in order to decrypt the conversation. If you're using TLS v1.2 or greater with a DH or ECDH cipher, decrypting is impossible as these ciphers implement Perfect Forward Secrecy.
I have added a FAQ entry with this topic.
If your server is able to send HEP traffic, it's better to configure sngrep as local HEP listener than trying to decrypt TLS information from the wire configuring an insecure cipher in your server.
Regards!
Hi @Kaian Thank you for your answer ! I did it on Freeswitch and it work pretty well. I close this issue. Regards!
Hi everyone, Can someone confirm
sngrep
support of webRTC WSS Sip capture ?Best wishes for this new year to all.
Rgds