Not sure if the logs a clear on what/when connection is rejected. I can share a few troubleshooting hints : 1: Check if you are using the setting require_certificate try to set it to no and test again. 2: You can verify that you can connect to our proxy using libssl openssl s_client -showcerts -debug -verify_hostname <yourdomain.com> -servername <yourdomain.com> -connect <yourdomain.com>:5061 This command will produce a detailed report, if the connection does not work you may need to add the root CA from letsencrypt https://letsencrypt.org/certificates/ (If your Linux OS is a bit old, this will be the case) You can test with : openssl s_client -showcerts -debug -verify_hostname <yourdomain.com> -servername <yourdomain.com> -connect <yourdomain.com>:5061 -CAfile /etc/ssl/certs/isrgrootx1.pem 3: take a full TCP trace using tcpdump and look at the handshake, you may learn more about the failure/rejection Hope this will help you, to save some of your hair Julien On Thu, Feb 7, 2019 at 1:29 AM Gertjan Wolzak &lt;g.wolzak(a)kazlow.nl&gt; wrote: