apt install -y ssldump # 系统是debian11
启动kamailio(当然要打开tls模块)
ssldump port 5061
eyebeam tls注册到kamailio,ssldump日志:
New TCP connection #1: 192.168.100.172(60963) <-> kam01(5061)
1 1 0.0239 (0.0239) C>S Handshake
ClientHello
Version 3.1 #Version 3.0 is SSLv3, 3.1 is TLS1.0, 3.2 is TLS 1.1
cipher suites
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
compression methods
NULL
Short read: 0 bytes available (expecting 2)
1 2 0.0246 (0.0006) S>C Alert
level fatal
value protocol_version
1 0.0270 (0.0024) S>C TCP FIN
1 0.0581 (0.0311) C>S TCP FIN
eyebeam tls版本太低导致被拒
下面再贴下MicroSIP3.21成功注册的ssldump日志:
New TCP connection #1: 192.168.100.172(61032) <-> kam01(5061)
1 1 0.0095 (0.0095) C>S Handshake
ClientHello
Version 3.3 # Version 3.3 means TLS 1.2
cipher suites
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_EMPTY_RENEGOTIATION_INFO_SCSV
compression methods
NULL
extensions
ec_point_formats
supported_groups
session_ticket
encrypt_then_mac
extended_master_secret
signature_algorithms
1 2 0.0184 (0.0088) S>C Handshake
ServerHello
Version 3.3
session_id[0]=cipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
compressionMethod NULL
extensions
renegotiation_info
ec_point_formats
session_ticket
extended_master_secret
1 3 0.0184 (0.0000) S>C Handshake
Certificate
1 4 0.0184 (0.0000) S>C Handshake
ServerKeyExchange
Not enough data. Found 294 bytes (expecting 32767)
1 5 0.0184 (0.0000) S>C Handshake
ServerHelloDone
1 6 0.0231 (0.0047) C>S Handshake
ClientKeyExchange
DiffieHellmanClientPublicValue[32]=
b6 16 3e 0d a6 17 19 de 21 03 ef e3 94 74 32 36
c2 94 bf 66 44 7e ab 33 51 fb 48 8c c4 bc 30 01
1 7 0.0231 (0.0000) C>S ChangeCipherSpec
1 8 0.0231 (0.0000) C>S Handshake
1 9 0.0257 (0.0026) S>C Handshake
1 10 0.0257 (0.0000) S>C ChangeCipherSpec
1 11 0.0257 (0.0000) S>C Handshake
1 12 0.0323 (0.0065) C>S application_data
1 13 0.0333 (0.0010) S>C application_data
1 14 0.0398 (0.0064) C>S application_data
1 15 0.0403 (0.0004) S>C application_data
1 16 0.0506 (0.0103) C>S application_data
1 17 0.0511 (0.0004) S>C application_data
文档上说 ssldump -d -k key.pem 可以解码,但我没试成功,请知情的网友指点下,感谢!