I like PhonerLite portable version very much. However I find there are a couple of issues : 

If TLS doesn't work, it automatically tries TCP then UDP. 
This is dangerous !!! Because if I want ONLY TLS and don't want my SRTP keys going over unencrypted channels, PhonerLite SHOULD NOT automatically select TCP by SIP. 
So the configuration should be not "preferred connection type", but just "connection type" and PhonerLite should ONLY do what user requests.

By the way, ZRTP license doesn't allow you to include it ?

ZRTP is useful even there is TLS (TLS + SRTP) because ZRTP can do end to end encryption. SRTP keys are provided by the SIP server and the SIP server can decode the RTP stream if it wanted. With ZRTP it cannot. So ZRTP is very useful to add.

Translation in German : 
Ich mag PhonerLite portable Version sehr viel. Doch ich finde, es gibt ein paar Fragen:

Wenn TLS nicht funktioniert, wird es automatisch versucht dann TCP UDP.
Das ist gefährlich! Weil, wenn ich will nur TLS und wollen nicht meine SRTP Tasten gehen über unverschlüsselte Kanäle, PhonerLite sollten nicht automatisch durch die Option TCP SIP.
Also die Konfiguration sollte nicht "bevorzugte Verbindungsart", sondern nur "Connection Type" und PhonerLite sollte nur tun, was Benutzer fordert.

By the way, hat ZRTP Lizenz nicht zulassen, dass du es auch?

ZRTP ist nützlich, auch dort ist TLS (TLS + SRTP), weil ZRTP Ende tun können, um die Verschlüsselung zu beenden. SRTP Tasten sind durch den SIP-Server und dem SIP-Server können sich auf die RTP-Streams dekodieren, wenn er wollte. Mit ZRTP kann es nicht. So ZRTP ist sehr nützlich, um hinzuzufügen.

Thanks for the prompt response.

I know that's why it is called preferred as I already mentioned. What I am suggesting is that you change it to desired or something like that, or add something that says "require tls" so that when the user of phonerlite puts tls, he can be sure that phonerlite will ONLY use TLS, if not it won't connect.

I have been running voip servers, and suggesting and configuring clients (hard and softphones) for 4 years, and believe me this would be a good addition or removal of an issue with phonerlite.

End user should not be subjected to having to check if the connection is TLS etc. Its not just SRTP keys, but even the password is lost.

Without this phonerlite is would give false impression of security. Between UDP and TCP it is ok, but when TLS is selected it should ONLY do TLS. Otherwise I suggest adding an option as "force" to follow the protocol given by user.

Attachment of phonerlite.log for above post.

"waiting for transaction" is only to be seen, if PhonerLite wants to shutdown or switch the profile. PhonerLite has to wait for an answer before shutting down. You will see this message only after unregistration (expires is 0).
Is there a way to test that for my own? Do you have a public IP and an account, so I can test from here? I can't see any problems with other TLS based servers.

I have installed Freeswitch from the repository (http://wiki.freeswitch.org/wiki/Quick_Start) in my Ubuntu on VirtualBox. After starting Freeswitch my virtual Ubuntu was nearly dead. I couldn't use the mouse anymore - there was too heavy load. After removing Freeswitch everything was OK again.
I would prefer to test against an existing installation

I have to debug that for my own - remote access doesn't help me for that.

I mean if I can ssh into your ubuntu and install freeswitch (don't need X, only ssh console). If you can use a spare vm or simply make a copy of it for this purpose. 

I the vm debian with freeswitch all configured is in vmware (which can be imported into vbox) but its about 2 G in size which I can still upload. 

Please let me know what works best. 

The remote desktop or vnc idea gives you full access to my windows PC along with the phonerlite, by the way. So I feel it should work for debug, but it not for some reason we have above alternatives.