Hi Daniel,
This is the result:
openssl s_client -connect sip.mydomain.com:5061 -tlsextdebug
CONNECTED(00000005) TLS server extension "supported versions" (id=43), len=2 0000 - 03 04 .. TLS server extension "key share" (id=51), len=36 0000 - 00 1d 00 20 3b 06 9a e5-21 16 73 b1 db 04 55 47 ... ;. ..!.s...UG 0010 - 33 5a e0 98 af bf ba 3e-e6 0d 69 40 38 f8 c8 0b 3Z.... .>..i@8... 0020 - ed 79 f2 48 .y.H TLS server extension "server name" (id=0), len=0 depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = sip.mydomain.com verify return:1 --- Certificate chain 0 s:CN = sip.mydomain.com i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 i:O = Digital Signature Trust Co., CN = DST Root CA X3 --- Server certificate -----BEGIN CERTIFICATE-----
[REDACTED]
-----END CERTIFICATE----- subject=CN = sip.mydomain.com
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
--- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 3115 bytes and written 400 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- read:errno=0