
Roozbeh

Posts posted by Roozbeh

  1. You are 100% correct: the localized URIs do not have wildcard certs (*.pstn.umatilla.twilio.com), thus failing the handshake. I used the Termination SIP URI and it worked like a charm!

    Thank you!!!

    I will have to work with Twilio to create wildcard certs for their *.pstn.umatilla.twilio.com

    https://techguysio.pstn.twilio.com:5061
    
    $ curl -vv https://techguysio.pstn.twilio.com:5061
    *   Trying 54.172.60.3:5061...
    * TCP_NODELAY set
    * Connected to techguysio.pstn.twilio.com (54.172.60.3) port 5061 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
      CApath: /etc/ssl/certs
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
    * ALPN, server did not agree to a protocol
    * Server certificate:
    *  subject: C=US; ST=California; L=San Francisco; O=Twilio, Inc.; CN=*.pstn.twilio.com
    *  start date: Jul 27 00:00:00 2020 GMT
    *  expire date: Sep 29 12:00:00 2021 GMT
    *  subjectAltName: host "techguysio.pstn.twilio.com" matched cert's "*.pstn.twilio.com"
    *  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Thawte RSA CA 2018
    *  SSL certificate verify ok.
    > GET / HTTP/1.1
    > Host: techguysio.pstn.twilio.com:5061
    > User-Agent: curl/7.68.0
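
The name-matching rule behind the mismatch described in this post, as an added example that is not part of the original post or Twilio's code. It assumes a localized endpoint presents the same `*.pstn.twilio.com` certificate shown in the curl output; the localized hostname is constructed from the pattern named in the post, and all function names are hypothetical.

```python
# Added example: strict dNSName matching in the style of RFC 6125 section 6.4.3.

def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")

def san_matches(hostname, pattern):
    """Return True if the certificate name pattern covers hostname."""
    host, pat = _labels(hostname), _labels(pattern)
    # A wildcard never spans a dot, so both names need the same label count.
    if len(host) != len(pat) or "" in host:
        return False
    if pat[0] == "*":
        # Whole left-most label only, with at least two fixed labels after it.
        return len(pat) >= 3 and "*" not in "".join(pat[1:]) and host[1:] == pat[1:]
    # Strict choice: partial ("f*o") or inner wildcards are not honoured.
    if any("*" in label for label in pat):
        return False
    return host == pat

def needed_wildcard(hostname):
    """Wildcard name a certificate would need to cover hostname."""
    return "*." + ".".join(_labels(hostname)[1:])

def audit(hostnames, sans):
    """Map each hostname to the certificate names that cover it."""
    return {h: [p for p in sans if san_matches(h, p)] for h in hostnames}

# Name taken from the certificate in the curl output above.
CERT_NAMES = ["*.pstn.twilio.com"]
# First hostname is from the post; the second is constructed for illustration.
TRUNK_HOSTS = [
    "techguysio.pstn.twilio.com",
    "techguysio.pstn.umatilla.twilio.com",
]

if __name__ == "__main__":
    for host, covered_by in audit(TRUNK_HOSTS, CERT_NAMES).items():
        if covered_by:
            print(f"{host}: covered by {covered_by[0]}")
        else:
            print(f"{host}: NOT covered, needs {needed_wildcard(host)}")
```
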

     

  2. Has anyone had any success configuring a Twilio trunk with TLS?

    I am trying to configure a Twilio trunk with TLS over port 5061. I have the Proxy address configured as below and I have Secure Trunking enabled (TLS must be used to encrypt SIP messages on port 5061, and SRTP must be used to encrypt the media packets. Any non-encrypted calls will be rejected).

    Once configured, when dialing out I only hear white noise.

    My configuration works with UDP transport on port 5060 with Secure Trunking disabled.

    image.thumb.png.1c109145683caa905184b7088dcb5319.png

     

    Any help would be appreciated.

    outbound.pcap
