diff --git a/daemon/src/dht/dhtaccount.cpp b/daemon/src/dht/dhtaccount.cpp
index c03fdda166693ad07bc1bb182e44f36bb937c4e9..8551e2e630c98c0502dcbba9387dd95d5f477462 100644
--- a/daemon/src/dht/dhtaccount.cpp
+++ b/daemon/src/dht/dhtaccount.cpp
@@ -74,20 +74,6 @@
constexpr const char * const DHTAccount::ACCOUNT_TYPE;
-const CipherArray DHTAccount::TLS_CIPHER_LIST = {
- PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA
-};
-
DHTAccount::DHTAccount(const std::string& accountID, bool /* presenceEnabled */)
: SIPAccountBase(accountID)
{
@@ -621,16 +607,13 @@ void DHTAccount::initTlsConfiguration()
// TLS listener is unique and should be only modified through IP2IP_PROFILE
pjsip_tls_setting_default(&tlsSetting_);
- SFL_WARN("cacertPath_ : %s", cacertPath_.c_str());
- SFL_WARN("certPath_ : %s", certPath_.c_str());
- SFL_WARN("privkeyPath_ : %s", privkeyPath_.c_str());
- pj_cstr(&tlsSetting_.ca_list_file, "");//cacertPath_.c_str()
+ pj_cstr(&tlsSetting_.ca_list_file, cacertPath_.c_str());
pj_cstr(&tlsSetting_.cert_file, certPath_.c_str());
pj_cstr(&tlsSetting_.privkey_file, privkeyPath_.c_str());
pj_cstr(&tlsSetting_.password, "");
tlsSetting_.method = PJSIP_TLSV1_METHOD;
- tlsSetting_.ciphers_num = 0;//ciphers_.size();
- tlsSetting_.ciphers = nullptr;//&ciphers_.front();
+ tlsSetting_.ciphers_num = 0;
+ tlsSetting_.ciphers = nullptr;
tlsSetting_.verify_server = false;
tlsSetting_.verify_client = false;
tlsSetting_.require_client_cert = false;
diff --git a/daemon/src/dht/dhtaccount.h b/daemon/src/dht/dhtaccount.h
index 3df46c07242bb31ec063ae1e8711dd6ea43fcfb9..b84927428776f3883a5432bfd0ad98aec2ce9418 100644
--- a/daemon/src/dht/dhtaccount.h
+++ b/daemon/src/dht/dhtaccount.h
@@ -325,11 +325,6 @@ class DHTAccount : public SIPAccountBase {
*/
pjsip_tls_setting tlsSetting_ {};
- /**
- * Allocate a vector to be used by pjsip to store the supported ciphers on this system.
- */
- CipherArray ciphers_ {TLS_CIPHER_LIST};
-
/**
* Optional: "received" parameter from VIA header
*/
diff --git a/daemon/src/sip/sipaccount.cpp b/daemon/src/sip/sipaccount.cpp
index e002d3a9f112f3e595c289750cb9675521e69f08..471b42a6d37c975a45f8f729f3ac114817a0df30 100644
--- a/daemon/src/sip/sipaccount.cpp
+++ b/daemon/src/sip/sipaccount.cpp
@@ -81,36 +81,10 @@ constexpr const char * const SIPAccount::ACCOUNT_TYPE;
#if HAVE_TLS
-const CipherArray SIPAccount::TLSv1_DEFAULT_CIPHER_LIST = {
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA,
- PJ_TLS_RSA_WITH_RC4_128_SHA,
- PJ_TLS_RSA_WITH_RC4_128_MD5
-};
-
-const CipherArray SIPAccount::SSLv3_DEFAULT_CIPHER_LIST = {
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA,
- PJ_TLS_RSA_WITH_RC4_128_SHA,
- PJ_TLS_RSA_WITH_RC4_128_MD5
-};
-
-const CipherArray SIPAccount::SSLv23_DEFAULT_CIPHER_LIST = {
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_256_CBC_SHA,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA256,
- PJ_TLS_RSA_WITH_AES_128_CBC_SHA,
- PJ_TLS_RSA_WITH_RC4_128_SHA,
- PJ_TLS_RSA_WITH_RC4_128_MD5,
- PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5,
- PJ_SSL_CK_RC4_128_WITH_MD5,
- PJ_SSL_CK_IDEA_128_CBC_WITH_MD5,
- PJ_SSL_CK_RC2_128_CBC_WITH_MD5,
-};
+// Empty cypher list will use default cypher list for the transport type on GnuTLS
+const CipherArray SIPAccount::TLSv1_DEFAULT_CIPHER_LIST = {};
+const CipherArray SIPAccount::SSLv3_DEFAULT_CIPHER_LIST = {};
+const CipherArray SIPAccount::SSLv23_DEFAULT_CIPHER_LIST = {};
#endif