[sr-dev] RFC: about the self signed tls certificates

Juha Heinanen jh at tutpro.com
Mon Jul 20 21:07:28 CEST 2015

Daniel-Constantin Mierla writes:

> My proposal is to move generation of self signed certificates to kamctl.
> There can be a kamctl.tls file to be deployed by the tls package (same
> is done by kamctl.mysql, being part of mysql package), which should add
> a new group of commands, among them something like:
> kamctl tls generate-certificate
> The drawback is that before enabling tls and starting kamailio, one has
> to run the above command. We can document that in tls module readme and
> in kamailio.cfg in the comments related to WITH_TLS define.
> Anyone with comments, pros/cons?

I support certificate generation by kamctl.

-- Juha

More information about the sr-dev mailing list