Module: kamailio
Branch: master
Commit: bf5be06f9b6b3ec6ad68c57f4075af5ba3aa23c4
URL: https://github.com/kamailio/kamailio/commit/bf5be06f9b6b3ec6ad68c57f4075af5…
Author: Kamailio Dev <kamailio.dev(a)kamailio.org>
Committer: Kamailio Dev <kamailio.dev(a)kamailio.org>
Date: 2018-09-29T09:01:41+02:00
modules: readme files regenerated - tls ... [skip ci]
---
Modified: src/modules/tls/README
---
Diff: https://github.com/kamailio/kamailio/commit/bf5be06f9b6b3ec6ad68c57f4075af5…
Patch: https://github.com/kamailio/kamailio/commit/bf5be06f9b6b3ec6ad68c57f4075af5…
---
diff --git a/src/modules/tls/README b/src/modules/tls/README
index 3ea60f8949..20b08cfa4a 100644
--- a/src/modules/tls/README
+++ b/src/modules/tls/README
@@ -89,6 +89,8 @@ Olle E. Johansson
14.1. event_route[tls:connection-out]
+ 15. TLS With Database Backend
+
List of Examples
1.1. Quick Start Basic Config
@@ -210,6 +212,8 @@ Chapter 1. Admin Guide
14.1. event_route[tls:connection-out]
+ 15. TLS With Database Backend
+
1. Overview
This module implements the TLS transport for Kamailio using the OpenSSL
@@ -1550,3 +1554,32 @@ event_route[tls:connection-out] {
}
}
...
+
+15. TLS With Database Backend
+
+ The module does not connect to database to fetch the values for the TLS
+ profile attributes. However the 'kamcli' tool can generate the tls.cfg
+ from a database table. Once generated, the 'tls.cfg' can be reloaded
+ with an RPC command.
+
+ The kamcli tool can be found at https://github.com/kamailio/kamcli.
+
+ The schema to create the database table can be seen with the command:
+ "kamcli tls sqlprint". The default name for database table is 'tlscfg'.
+
+ The most of the column names matches the corresponding attribute names
+ from a TLS profile.
+
+ The profile id in 'tls.cfg' is generated from
+ '[profile_type:profile_name]'. The 'profile_type' has to be 'server' or
+ 'client'. The 'profile_name' can be 'default', 'any' or the pair of IP
+ address and port like 'ipaddr:port'.
+
+ The 'file_type' is specifying if the values for 'certificate',
+ 'private_key', 'ca_list' and 'crl' are path to files on disc (when is
+ set to 0) or the content of the files (when set to 1). If 'file_type'
+ is 1, then 'kamcli' will create new files on disc and store the values
+ from the database in them. The target folder for 'tls.cfg' and the
+ certificates related files can be set via command options for 'kamcli
+ tls', for more details see the output of 'kamcli tls --help' and
+ 'kamcli tls cfgprint --help'.
Module: kamailio
Branch: master
Commit: ee8c58e727261ea66096950b3f5bb1a0e7d73646
URL: https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: 2018-09-29T08:55:14+02:00
tls: docs about using db table with kamcli
---
Modified: src/modules/tls/doc/tls.xml
---
Diff: https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a…
Patch: https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a…
---
diff --git a/src/modules/tls/doc/tls.xml b/src/modules/tls/doc/tls.xml
index 8147208f70..ba8d4b2ac9 100644
--- a/src/modules/tls/doc/tls.xml
+++ b/src/modules/tls/doc/tls.xml
@@ -315,6 +315,40 @@ event_route[tls:connection-out] {
</section>
</section>
+ <section id="tls.dbstorage">
+ <title>TLS With Database Backend</title>
+ <para>
+ The module does not connect to database to fetch the values for the
+ TLS profile attributes. However the 'kamcli' tool can generate the tls.cfg
+ from a database table. Once generated, the 'tls.cfg' can be reloaded with
+ an RPC command.
+ </para>
+ <para>
+ The kamcli tool can be found at <ulink url="https://github.com/kamailio/kamcli">https://github.com/kamailio/kamcli</ulink>.
+ </para>
+ <para>
+ The schema to create the database table can be seen with the command: "kamcli tls sqlprint".
+ The default name for database table is 'tlscfg'.
+ </para>
+ <para>
+ The most of the column names matches the corresponding attribute names
+ from a TLS profile.
+ </para>
+ <para>
+ The profile id in 'tls.cfg' is generated from '[profile_type:profile_name]'.
+ The 'profile_type' has to be 'server' or 'client'. The 'profile_name'
+ can be 'default', 'any' or the pair of IP address and port like 'ipaddr:port'.
+ </para>
+ <para>
+ The 'file_type' is specifying if the values for 'certificate', 'private_key',
+ 'ca_list' and 'crl' are path to files on disc (when is set to 0) or the
+ content of the files (when set to 1). If 'file_type' is 1, then 'kamcli'
+ will create new files on disc and store the values from the database in
+ them. The target folder for 'tls.cfg' and the certificates related files
+ can be set via command options for 'kamcli tls', for more details see
+ the output of 'kamcli tls --help' and 'kamcli tls cfgprint --help'.
+ </para>
+ </section>
</chapter>
</book>