We’ve realized that when the SIP profile is configured with:
<param name="tls-verify-policy" value="all"/>
Then contents of the cafile.pem are being sent by FreeSWITCH during initial TLS handshake. We’ve also observed that if we disable mTLS using:
<param name="tls-verify-policy" value="out"/>
Then cafile.pem is not being sent but this disables mTLS.
Is there a way to NOT send the contents of cafile.pem and at the same time enable mTLS?