[sr-dev] Lets encrypt and certificate renewals

Olle E. Johansson oej at edvina.net
Tue Nov 24 08:29:51 CET 2015 

> On 23 Nov 2015, at 15:50, Daniel-Constantin Mierla <miconda at gmail.com> wrote:
> 
> Hello,
> 
> iirc, there is a rpc command to reload tls.cfg -- inside this file are the paths to certificate and I assume the certs are reloaded as well.
Right. I forgot about that file. That’s excellent. We just have to point users to the external config.
> 
> I haven't looked at letsencrypt scripts to see how some triggers can be hooked there. Waiting to get out to the public and then I will try to find some time for checking what letsencrypt provides.
Great!

/O
> 
> Cheers,
> Daniel
> 
> On 23/11/15 15:41, Olle E. Johansson wrote:
>> Hi!
>> Letsencrypt.org is now in beta and offer free TLS certificates with a 3 month life time.
>> 
>> Certificates will be updated in the background. I haven’t looked into all scripts but I guess that there’s a script that renews the certificate and somehow tells the application to reload the certs.
>> 
>> We need to be able to reload certs in runtime, not by stopping and restarting Kamailio. Possibly either with a user signal or an RPC command reachable through kamcmd/kamctl.
>> 
>> Anyone else that has looked into how the cron scripts communicates with the server process?
>> 
>> /O
>> 
>> 
>> _______________________________________________
>> sr-dev mailing list
>> sr-dev at lists.sip-router.org <mailto:sr-dev at lists.sip-router.org>
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev <http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev>
> 
> -- 
> Daniel-Constantin Mierla
> http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> - http://www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
> Book: SIP Routing With Kamailio - http://www.asipto.com <http://www.asipto.com/>
> Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat <http://asipto.com/kat>_______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20151124/227b7f59/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2374 bytes
Desc: not available
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20151124/227b7f59/attachment.bin>

More information about the sr-dev mailing list