23 Nov
2015
23 Nov
'15
4:41 p.m.
Hi!
Letsencrypt.org is now in beta and offer free TLS certificates with a 3 month life time.
Certificates will be updated in the background. I haven’t looked into all scripts but I
guess that there’s a script that renews the certificate and somehow tells the application
to reload the certs.
We need to be able to reload certs in runtime, not by stopping and restarting Kamailio.
Possibly either with a user signal or an RPC command reachable through kamcmd/kamctl.
Anyone else that has looked into how the cron scripts communicates with the server
process?
/O
23 Nov
23 Nov
4:50 p.m.
Hello,
iirc, there is a rpc command to reload tls.cfg -- inside this file are
the paths to certificate and I assume the certs are reloaded as well.
I haven't looked at letsencrypt scripts to see how some triggers can be
hooked there. Waiting to get out to the public and then I will try to
find some time for checking what letsencrypt provides.
Cheers,
Daniel
On 23/11/15 15:41, Olle E. Johansson wrote:
Hi!
Letsencrypt.org is now in beta and offer free TLS certificates with a 3 month life time.
Certificates will be updated in the background. I haven’t looked into all scripts but I
guess that there’s a script that renews the certificate and somehow tells the application
to reload the certs.
We need to be able to reload certs in runtime, not by stopping and restarting Kamailio.
Possibly either with a user signal or an RPC command reachable through kamcmd/kamctl.
Anyone else that has looked into how the cron scripts communicates with the server
process?
/O
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat
24 Nov
24 Nov
9:29 a.m.
On 23 Nov 2015, at 15:50, Daniel-Constantin Mierla
<miconda(a)gmail.com> wrote:
Hello,
iirc, there is a rpc command to reload tls.cfg -- inside this file are the paths to
certificate and I assume the certs are reloaded as well.
Right. I forgot about that
file. That’s excellent. We just have to point users to the external config.
I haven't looked at letsencrypt scripts to see how some triggers can be hooked there.
Waiting to get out to the public and then I will try to find some time for checking what
letsencrypt provides.
Great!
/O
Cheers,
Daniel
On 23/11/15 15:41, Olle E. Johansson wrote:
Hi!
Letsencrypt.org is now in beta and offer free TLS certificates with a 3 month life time.
Certificates will be updated in the background. I haven’t looked into all scripts but I
guess that there’s a script that renews the certificate and somehow tells the application
to reload the certs.
We need to be able to reload certs in runtime, not by stopping and restarting Kamailio.
Possibly either with a user signal or an RPC command reachable through kamcmd/kamctl.
Anyone else that has looked into how the cron scripts communicates with the server
process?
/O
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org <mailto:sr-dev@lists.sip-router.org>
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
<http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev>
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> -
http://www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Book: SIP Routing With Kamailio - http://www.asipto.com <http://www.asipto.com/>
Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat
<http://asipto.com/kat>_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
3286
days inactive
3287
days old
2 comments
2 participants
participants (2)
-
Daniel-Constantin Mierla -
Olle E. Johansson