diff --git a/channels/pjsip/dialplan_functions.c b/channels/pjsip/dialplan_functions.c
index ce347dcd98b3c8c79487593dc3125b25c47ab264..d21a80cd7c80827ad62770b50b22c08bb944ad0f 100644
--- a/channels/pjsip/dialplan_functions.c
+++ b/channels/pjsip/dialplan_functions.c
@@ -529,7 +529,13 @@ static int channel_read_rtp(struct ast_channel *chan, const char *type, const ch
 	} else if (!strcmp(type, "direct")) {
 		ast_copy_string(buf, ast_sockaddr_stringify(&media->direct_media_addr), buflen);
 	} else if (!strcmp(type, "secure")) {
-		snprintf(buf, buflen, "%d", media->srtp ? 1 : 0);
+		if (media->srtp) {
+			struct ast_sdp_srtp *srtp = media->srtp;
+			int flag = ast_test_flag(srtp, AST_SRTP_CRYPTO_OFFER_OK);
+			snprintf(buf, buflen, "%d", flag ? 1 : 0);
+		} else {
+			snprintf(buf, buflen, "%d", 0);
+		}
 	} else if (!strcmp(type, "hold")) {
 		snprintf(buf, buflen, "%d", media->remotely_held ? 1 : 0);
 	} else {
diff --git a/res/res_srtp.c b/res/res_srtp.c
index 7552a7a2ff3842e1ee7146384e2a1b4450a3838d..97856d08d3a392f76ed70c5ebf0fc17dd9e6f875 100644
--- a/res/res_srtp.c
+++ b/res/res_srtp.c
@@ -1015,7 +1015,6 @@ static int res_sdp_crypto_parse_offer(struct ast_rtp_instance *rtp, struct ast_s
 		}
 	} else if (!memcmp(crypto->remote_key, remote_key, key_len_from_sdp)) {
 		ast_debug(1, "SRTP remote key unchanged; maintaining current policy\n");
-		ast_set_flag(srtp, AST_SRTP_CRYPTO_OFFER_OK);
 		return 0;
 	}