Fred Posner

Fred Posner personal blog

Kamailio and TLS_WOLFSSL

Posted . ~1min read.

In June 2022, a new TLS module was announced: tls_wolfssl.

The module was created as an alternative to the standard tls module; which uses libssl. There had been some “frustration” with openssl 3.x.x and with the new wolfssl project, and alternative made sense.

The module attempts to be a standard replacement for the tls module. Basically…

loadmodule "tls.so

becomes

loadmodule "tls_wolfssl.so

and…

modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg")

becomes

modparam("tls_wolfssl", "config", "/usr/local/etc/kamailio/tls.cfg")

Your tls.cfg file stays the same, with the exception of tls_method as wolfssl only supports tls1.2 and greater. There are too many carriers out there demanding sslv3, so this may be a blocker for you.

Installation

(assuming you’re installing kamailio via git and that the repo is locally in /usr/local/src/kamailio)

git clone https://github.com/wolfSSL/wolfssl.git --depth 1 /usr/local/src/kamailio/misc/external/wolfssl/wolfssl
cd /usr/local/src/kamailio
make modules modules=modules/tls_wolfssl
make install modules modules=modules/tls_wolfssl

That’s it… then just do the above replacement and “enjoy.”

Thank you for flying Kamailio

Tagged in...
Latest Posts