Hi Daniel,
This is the result:
openssl s_client -connect sip.mydomain.com:5061 -tlsextdebug
CONNECTED(00000005)
TLS server extension "supported versions" (id=43), len=2
0000 - 03 04 ..
TLS server extension "key share" (id=51), len=36
0000 - 00 1d 00 20 3b 06 9a e5-21 16 73 b1 db 04 55 47 ... ;.
..!.s...UG
0010 - 33 5a e0 98 af bf ba 3e-e6 0d 69 40 38 f8 c8 0b 3Z....
.>..i@8...
0020 - ed 79 f2 48 .y.H
TLS server extension "server name" (id=0), len=0
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
verify return:1
depth=0 CN =
sip.mydomain.com
verify return:1
---
Certificate chain
0 s:CN =
sip.mydomain.com
i:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
1 s:C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
i:O = Digital Signature Trust Co., CN = DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
[REDACTED]
-----END CERTIFICATE-----
subject=CN =
sip.mydomain.com
issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority
X3
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 3115 bytes and written 400 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read:errno=0