In Flysip the UI to setup TLS traffic processing was implemented. In order to use this feature, the version of OpenSIPS used for Environment should be >=3.1
More basic information regarding TLS could be found in Wikipedia for example
Authorization of incoming TLS calls
In order to authenticate the TLS traffic it's required to assign the TLS certificate with the required TLS method to selected Network Listener (IP:port) on Incoming SIP TLS Connections page:
By default 5061 TCP port and all IP addresses assigned to Environment accept incoming traffic.
All external TLS communication within Environment is allowed only from OpenSIPS ports, it's not possible to send outgoing INVITE with TLS from port of b2bua.
1. Make sure that IP address of traffic originator is allowed on System Management - System Parameters - IP Firewall in SIP/TLS section:
2. Then add the new TLS certificate from System Management - System Parameters - SSL Certificates.
Note - certificate should be valid, expired certificate can not be used to establish TLS connection.
3. Now setup the added certificate in System Management - System Parameters - Incoming SIP TLS Connections
4. Changes would be applied in about a minute - after that the test call could be sent through this vendor.
Termination the outgoing call to Vendor via TLS
1. Make sure that IP address of traffic receiver (Vendor) is allowed on System Management - System Parameters - IP Firewall in SIP/TLS section: