On 23 Nov 2015, at 15:50, Daniel-Constantin Mierla <miconda@gmail.com> wrote:

Hello,

iirc, there is a rpc command to reload tls.cfg -- inside this file are the paths to certificate and I assume the certs are reloaded as well.
Right. I forgot about that file. That’s excellent. We just have to point users to the external config.

I haven't looked at letsencrypt scripts to see how some triggers can be hooked there. Waiting to get out to the public and then I will try to find some time for checking what letsencrypt provides.
Great!

/O

Cheers,
Daniel

On 23/11/15 15:41, Olle E. Johansson wrote:
Hi!
Letsencrypt.org is now in beta and offer free TLS certificates with a 3 month life time.

Certificates will be updated in the background. I haven’t looked into all scripts but I guess that there’s a script that renews the certificate and somehow tells the application to reload the certs.

We need to be able to reload certs in runtime, not by stopping and restarting Kamailio. Possibly either with a user signal or an RPC command reachable through kamcmd/kamctl.

Anyone else that has looked into how the cron scripts communicates with the server process?

/O


_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev


-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat
_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev