I am making SIP calls using SIP.js and configuring Asterisk 11.x for websockets calls under CentOS 7. On 11.23.1 and earlier, I had to patch the code to disable auto negociation due to ASTERISK-25659. Now that the bug is supposedly fixed in commit
8653da4fa228e1e289e09e5d024e11d24da87d94, I reverted my local patch. Calls from Firefox 49 to Asterisk connect normally. However, when Asterisk originates a call to Firefox, the call hangs up immediately with this message:

[2016-10-26 12:38:09] ERROR[2888][C-00000004]: res_rtp_asterisk.c:2173 __rtp_recvfrom: DTLS failure occurred on RTP instance ‘0x7f5f0802f378’ due to reason ‘no shared cipher’, terminating
[2016-10-26 12:38:09] WARNING[2888][C-00000004]: res_rtp_asterisk.c:3924 ast_rtcp_read: RTCP Read error: Unspecified. Hanging up.

I suspect this has something to do with the dtlscipher setting, which is currently not set anywhere in my setup.

Is my suspicion correct? How do I debug which ciphers need to be enabled?

-bash-4.2# openssl ciphers -v DEFAULT
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx