Last updated: 2026-05-15
FreeSWITCH TLS/SSL Configuration Guide
This guide provides recommended TLS/SSL settings for FreeSWITCH to encrypt SIP signaling traffic. Securing VoIP communications with TLS prevents eavesdropping on call setup and authentication credentials.
Prerequisites
- FreeSWITCH 1.10 or later
- OpenSSL 1.1.1 or later
- SSL certificates (server certificate, private key, and CA certificate)
Certificate Setup
FreeSWITCH uses PEM-formatted certificate files. Place your certificates in the FreeSWITCH configuration directory:
mkdir -p /etc/freeswitch/tls
chmod 750 /etc/freeswitch/tls
chown freeswitch:freeswitch /etc/freeswitch/tls
cp server.crt /etc/freeswitch/tls/server-cert.pem
cp server.key /etc/freeswitch/tls/server-key.pem
cp ca.crt /etc/freeswitch/tls/cafile.pem
chmod 640 /etc/freeswitch/tls/*.pem
chown freeswitch:freeswitch /etc/freeswitch/tls/*.pem
FreeSWITCH can also use a combined certificate file containing the certificate and private key:
cat /etc/freeswitch/tls/server-cert.pem /etc/freeswitch/tls/server-key.pem > /etc/freeswitch/tls/agent.pem
chmod 640 /etc/freeswitch/tls/agent.pem
chown freeswitch:freeswitch /etc/freeswitch/tls/agent.pem
SIP Profile TLS Configuration
Configure TLS in the SIP profile XML files. The internal and external profiles are typically located in sip_profiles/internal.xml and sip_profiles/external.xml.
Internal Profile (LAN Phones)
Edit sip_profiles/internal.xml:
<param name="tls" value="true"/>
<param name="tls-bind-params" value="transport=tls"/>
<param name="tls-sip-port" value="5061"/>
<param name="tls-cert-dir" value="/etc/freeswitch/tls"/>
<param name="tls-version" value="tlsv1.2"/>
<param name="tls-ciphers" value="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305"/>
<param name="tls-verify-date" value="true"/>
<param name="tls-verify-policy" value="none"/>
<param name="tls-verify-depth" value="4"/>
External Profile (Trunks)
Edit sip_profiles/external.xml:
<param name="tls" value="true"/>
<param name="tls-bind-params" value="transport=tls"/>
<param name="tls-sip-port" value="5081"/>
<param name="tls-cert-dir" value="/etc/freeswitch/tls"/>
<param name="tls-version" value="tlsv1.2"/>
<param name="tls-ciphers" value="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305"/>
<param name="tls-verify-date" value="true"/>
<param name="tls-verify-policy" value="subjects_all"/>
<param name="tls-verify-depth" value="4"/>
Configuration Explained
- tls-version = tlsv1.2 -- Sets the minimum TLS protocol version. With OpenSSL 1.1.1+, TLS 1.3 is also negotiated when available.
- tls-ciphers -- OpenSSL cipher string restricting to AEAD ciphers with forward secrecy.
- tls-cert-dir -- Directory containing agent.pem (combined cert+key) and cafile.pem (CA certificate). FreeSWITCH looks for these filenames by default.
- tls-verify-policy -- Controls certificate verification for TLS connections:
  - none -- No certificate verification (suitable for phones on a LAN)
  - subjects_all -- Verify the certificate subject matches (recommended for trunks)
  - in -- Verify inbound connections
  - out -- Verify outbound connections
  - all -- Verify both inbound and outbound
Note: When using tls-cert-dir, FreeSWITCH expects agent.pem (cert+key) and cafile.pem (CA) in that directory. Alternatively, you can specify individual files with tls-cert-file, tls-key-file, and tls-ca-cert-file if your version supports it.
SRTP for Media Encryption
TLS only encrypts SIP signaling. To encrypt the audio/media stream, enable SRTP. Configure SRTP in vars.xml or per-profile:
Global SRTP Settings
In vars.xml:
<X-PRE-PROCESS cmd="set" data="rtp_secure_media=true"/>
<X-PRE-PROCESS cmd="set" data="rtp_secure_media_suites=AEAD_AES_256_GCM_8:AEAD_AES_128_GCM_8:AES_CM_256_HMAC_SHA1_80:AES_CM_128_HMAC_SHA1_80"/>
Per-Profile SRTP
In the SIP profile:
<param name="rtp-secure-media" value="true"/>
<param name="rtp-secure-media-suites" value="AEAD_AES_256_GCM_8:AEAD_AES_128_GCM_8:AES_CM_256_HMAC_SHA1_80:AES_CM_128_HMAC_SHA1_80"/>
Setting rtp_secure_media=true means FreeSWITCH requires SRTP. Calls that cannot negotiate SRTP will fail. Set to optional to allow fallback to unencrypted RTP.
Complete Configuration
sip_profiles/internal.xml (TLS excerpt)
<profile name="internal">
<settings>
<!-- SIP TLS -->
<param name="tls" value="true"/>
<param name="tls-bind-params" value="transport=tls"/>
<param name="tls-sip-port" value="5061"/>
<param name="tls-cert-dir" value="/etc/freeswitch/tls"/>
<param name="tls-version" value="tlsv1.2"/>
<param name="tls-ciphers" value="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305"/>
<param name="tls-verify-date" value="true"/>
<param name="tls-verify-policy" value="none"/>
<param name="tls-verify-depth" value="4"/>
<!-- SRTP -->
<param name="rtp-secure-media" value="true"/>
<param name="rtp-secure-media-suites" value="AEAD_AES_256_GCM_8:AEAD_AES_128_GCM_8:AES_CM_256_HMAC_SHA1_80:AES_CM_128_HMAC_SHA1_80"/>
</settings>
</profile>
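To confirm that a deployed profile actually carries the settings above, here is an added Python audit (example code, not part of this guide or of FreeSWITCH). It parses the param elements of a profile file, treats tls-version as a possibly comma-separated list, and runs against two constructed sample profiles.

```python
import xml.etree.ElementTree as ET

# Added example (not FreeSWITCH project code): audit a sofia profile against
# the settings this guide recommends. The sample profiles below are constructed.
RECOMMENDED_CIPHERS = set((
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305").split(":"))
MODERN_TLS = {"tlsv1.2", "tlsv1.3"}

def profile_params(xml_text):
    """Return {name: value} for every <param> element in a sofia profile document."""
    return {p.get("name"): p.get("value") for p in ET.fromstring(xml_text).iter("param")}

def audit_profile(xml_text, trunk_profile=False):
    """Return human-readable findings; an empty list means the profile matches the guide."""
    p = profile_params(xml_text)
    findings = []
    if p.get("tls") != "true":
        findings.append("tls is not enabled")
    # tls-version may be a comma-separated list; any entry below TLS 1.2 is a finding
    versions = {v.strip().lower() for v in p.get("tls-version", "").split(",") if v.strip()}
    if not versions or not versions <= MODERN_TLS:
        findings.append("tls-version permits protocols below TLS 1.2: %s" % sorted(versions))
    extra = set(filter(None, p.get("tls-ciphers", "").split(":"))) - RECOMMENDED_CIPHERS
    if extra:
        findings.append("ciphers outside the recommended list: %s" % sorted(extra))
    if p.get("tls-verify-date") != "true":
        findings.append("tls-verify-date is not true: expired peer certificates are accepted")
    if trunk_profile and p.get("tls-verify-policy", "none") == "none":
        findings.append("trunk profile has tls-verify-policy=none: peer certificates are not verified")
    if p.get("rtp-secure-media") != "true":
        findings.append("rtp-secure-media is not true: media may fall back to unencrypted RTP")
    return findings

# Constructed samples: one following the guide, one carrying common legacy settings.
GOOD_PROFILE = """<profile name="external"><settings>
<param name="tls" value="true"/><param name="tls-version" value="tlsv1.2"/>
<param name="tls-ciphers" value="%s"/>
<param name="tls-verify-date" value="true"/><param name="tls-verify-policy" value="subjects_all"/>
<param name="rtp-secure-media" value="true"/></settings></profile>""" % ":".join(sorted(RECOMMENDED_CIPHERS))
WEAK_PROFILE = """<profile name="external"><settings>
<param name="tls" value="true"/><param name="tls-version" value="tlsv1,tlsv1.1,tlsv1.2"/>
<param name="tls-ciphers" value="ECDHE-RSA-AES128-GCM-SHA256:AES128-SHA:DES-CBC3-SHA"/>
<param name="tls-verify-date" value="false"/><param name="tls-verify-policy" value="none"/>
<param name="rtp-secure-media" value="optional"/></settings></profile>"""
```

Run audit_profile on the real sip_profiles/internal.xml or external.xml text, passing trunk_profile=True for the external profile, and act on every finding it returns.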
Client Configuration
SIP Phones
Configure SIP phones and softphones to use TLS:
- Transport: TLS
- SIP Port: 5061
- Server: sips:freeswitch.example.com:5061
- CA Certificate: Import the CA certificate if using self-signed or private CA certificates
- SRTP: Enable SRTP/SDES in the phone's audio/codec settings
SIP Trunks
Configure outbound trunk gateways with TLS in the gateway XML:
<gateway name="my-trunk">
<param name="realm" value="sip.provider.example.com"/>
<param name="register-transport" value="tls"/>
<param name="contact-params" value="transport=tls"/>
</gateway>
Security Notes
The cipher suite and protocol configuration in this guide addresses the following known TLS vulnerabilities:
- POODLE (CVE-2014-3566, 2014): SSL 3.0 is disabled. TLS_FALLBACK_SCSV was added in OpenSSL 1.0.1j / 1.0.2 (October 2014); SSL 3.0 disabled by default in OpenSSL 1.1.0 (August 2016).
- BEAST (CVE-2011-3389, 2011): Mitigated by recommending TLS 1.2 as the minimum; AEAD-only ciphers eliminate the CBC padding oracle.
- CRIME (CVE-2012-4929, 2012): TLS compression is off by default in OpenSSL 1.1.0+; do not enable it.
- Lucky13 (2013): AEAD-only cipher list eliminates CBC padding timing side-channels entirely.
- FREAK (CVE-2015-0204, 2015): EXPORT-grade ciphers are excluded. Removed from OpenSSL 1.1.0 (August 2016).
- LOGJAM (CVE-2015-4000, 2015): Short-key DHE is excluded; only ECDHE key exchange is recommended.
- Sweet32 (CVE-2016-2183, 2016): 3DES is excluded from the cipher string. Disabled by default in OpenSSL 3.0 (September 2021).
- ROBOT (CVE-2017-13099, 2017): Static RSA key exchange is excluded; only ECDHE is recommended. Fixed in OpenSSL 1.0.2m / 1.0.1v (November 2017).
- Downgrade attacks: TLS_FALLBACK_SCSV prevents protocol version rollback.
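The cipher-string rules behind this list can be checked mechanically. The following added Python (not from this guide or from FreeSWITCH) maps each OpenSSL cipher name in a tls-ciphers value to the weakness class it would reintroduce; it is a name-based heuristic, so aliases such as HIGH are reported as unresolved rather than passed, and the LEGACY string is a constructed input.

```python
# Added example (not FreeSWITCH code): map OpenSSL cipher names to the weakness
# classes named in the Security Notes. Name-based heuristic; `openssl ciphers -v`
# remains the authoritative way to expand a string into concrete suites.

def cipher_issues(name):
    """Return the problems a single cipher name reintroduces ([] if acceptable)."""
    n = name.upper()
    if n.startswith("TLS_"):  # TLS 1.3 suites: always AEAD with ephemeral key exchange
        return []
    issues = []
    if n.startswith("EXP"):
        issues.append("FREAK: export-grade key length")
    if "DES-CBC3" in n or "3DES" in n:
        issues.append("Sweet32: 64-bit block cipher (3DES)")
    if n.startswith(("DHE-", "EDH-", "DH-")):
        issues.append("Logjam: finite-field Diffie-Hellman")
    elif n.startswith(("ADH-", "AECDH-")):
        issues.append("anonymous key exchange: server is not authenticated")
    elif not n.startswith("ECDHE-"):
        issues.append("static key exchange, no forward secrecy (RSA-kex suites are the ROBOT class)")
    if not any(aead in n for aead in ("GCM", "CHACHA20", "CCM")):
        issues.append("not AEAD (CBC or stream cipher): BEAST / Lucky13 class")
    return issues

def audit_cipher_string(cipher_string):
    """Map every entry of a colon-separated OpenSSL cipher string to its issues.

    Aliases (HIGH, kRSA, ...) and operators (!, -, +, @) need OpenSSL to expand,
    so they are reported as unresolved instead of silently passing the audit.
    """
    report = {}
    for entry in filter(None, cipher_string.split(":")):
        is_alias = entry[0] in "!-+@" or ("-" not in entry and not entry.startswith("TLS_"))
        report[entry] = (["unresolved alias/operator: expand with openssl ciphers -v"]
                         if is_alias else cipher_issues(entry))
    return report

def weak_ciphers(cipher_string):
    """Only the entries that have at least one issue or could not be resolved."""
    return {c: i for c, i in audit_cipher_string(cipher_string).items() if i}

# Constructed inputs: the string this guide recommends and a permissive legacy one.
RECOMMENDED = ("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
               "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
               "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305")
LEGACY = "HIGH:AES128-SHA:DHE-RSA-AES256-SHA:DES-CBC3-SHA:EXP-RC4-MD5:!aNULL"
```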
The following are not addressable through TLS configuration alone:
- Heartbleed (CVE-2014-0160, 2014): A memory disclosure bug in OpenSSL 1.0.1 through 1.0.1f. Fixed in OpenSSL 1.0.1g (April 7, 2014). Addressed by patching OpenSSL, not by TLS configuration.
- BREACH (CVE-2013-3587, 2013): Not applicable. BREACH targets HTTP-level response compression; SIP/TLS signaling does not involve HTTP response compression.
- DROWN (CVE-2016-0800, 2016): Requires SSLv2 to be enabled on any server sharing the same private key. Ensure SSLv2 is disabled on all services that use the same certificate and key pair.
Verification
Reload the SIP profiles and verify TLS is active:
fs_cli -x "sofia profile internal restart"
fs_cli -x "sofia status"
Verify the TLS listener:
openssl s_client -connect freeswitch.example.com:5061
Check active registrations for TLS transport:
fs_cli -x "sofia status profile internal reg"
Check the FreeSWITCH logs for TLS information:
grep -i tls /var/log/freeswitch/freeswitch.log