Encrypting SIP with TLS (SIPS)
TLS, as SSL, depends on certificates issued by a Certification Authority that guarantee the identity of the certificate bearer. You can buy a TLS certificate from the same CAs that sell Web HTTPS certificates. You can then use that same certificate with WebSockets, WebRTC and mod_verto too (and for the HTTPS website with the same name as your SIP registrar, for example, https://pbx.freeswitch.org).
Also, you can use free and valid certificates from https://letsencrypt.org/, (see the automatic script in FreeSWITCH Confluence about verto_communicator demo installation on Debian 8).
The tool you use to generate the various certificates involved is (aptly named) gentls_cert:
/usr/local/freeswitch/bin/gentls_cert command -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org -org freeswitch.org
(Instead of pbx.freeswitch.org and freeswitch.org, use the FQDN your clients will use as SIP registrar and SIP domain).You will use the same utility with the same arguments, but...
