SIP Security in Yate
Yate can bind on UDP, TCP and TLS. This is done using a listener that it is a specific section in ysipchan.conf.
How to set a TLS listener
[general] type=tls addr=x.x.x.x port=5061 sslcontext=server_context
Configure a SSL server context
[server_context] enable=yes certificate=name.crt key=name.key
The files name.crt and name.key have to be in the same place as the configuration file in this example.
SRTP Cryptographic Contexts
Data security protocols such as SRTP rely upon a separate key management system to securely establish encryption and/or authentication keys. TLS will protect the SDP message.
In ysipchan.conf by default secure parameter is disabled, for using SRTP you have to enable it.
[default] ; secure: bool: Generate and accept RFC 4568 security descriptors for SRTP secure=enable