Kamailio and TLS_WOLFSSL
Posted . ~1min read.
In June 2022, a new TLS module was announced: tls_wolfssl.
The module was created as an alternative to the standard tls module; which uses libssl. There had been some “frustration” with openssl 3.x.x and with the new wolfssl project, and alternative made sense.
The module attempts to be a standard replacement for the tls module. Basically…
loadmodule "tls.so
becomes
loadmodule "tls_wolfssl.so
and…
modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")
becomes
modparam("tls_wolfssl", "config", "/usr/local/etc/kamailio/tls.cfg")
Your tls.cfg file stays the same, with the exception of tls_method as wolfssl only supports tls1.2 and greater. There are too many carriers out there demanding sslv3, so this may be a blocker for you.
Installation
(assuming you’re installing kamailio via git and that the repo is locally in /usr/local/src/kamailio)
git clone https://github.com/wolfSSL/wolfssl.git --depth 1 /usr/local/src/kamailio/misc/external/wolfssl/wolfssl
cd /usr/local/src/kamailio
make modules modules=modules/tls_wolfssl
make install modules modules=modules/tls_wolfssl
That’s it… then just do the above replacement and “enjoy.”
Thank you for flying Kamailio