[sr-dev] git:master:ee8c58e7: tls: docs about using db table with kamcli

Daniel-Constantin Mierla miconda at gmail.com
Sat Sep 29 08:56:30 CEST 2018

Module: kamailio
Branch: master
Commit: ee8c58e727261ea66096950b3f5bb1a0e7d73646
URL: https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a0e7d73646

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2018-09-29T08:55:14+02:00

tls: docs about using db table with kamcli


Modified: src/modules/tls/doc/tls.xml


Diff:  https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a0e7d73646.diff
Patch: https://github.com/kamailio/kamailio/commit/ee8c58e727261ea66096950b3f5bb1a0e7d73646.patch


diff --git a/src/modules/tls/doc/tls.xml b/src/modules/tls/doc/tls.xml
index 8147208f70..ba8d4b2ac9 100644
--- a/src/modules/tls/doc/tls.xml
+++ b/src/modules/tls/doc/tls.xml
@@ -315,6 +315,40 @@ event_route[tls:connection-out] {
+	<section id="tls.dbstorage">
+		<title>TLS With Database Backend</title>
+		<para>
+		The module does not connect to database to fetch the values for the
+		TLS profile attributes. However the 'kamcli' tool can generate the tls.cfg
+		from a database table. Once generated, the 'tls.cfg' can be reloaded with
+		an RPC command.
+		</para>
+		<para>
+		The kamcli tool can be found at <ulink url="https://github.com/kamailio/kamcli">https://github.com/kamailio/kamcli</ulink>.
+		</para>
+		<para>
+		The schema to create the database table can be seen with the command: "kamcli tls sqlprint".
+		The default name for database table is 'tlscfg'.
+		</para>
+		<para>
+		The most of the column names matches the corresponding attribute names
+		from a TLS profile.
+		</para>
+		<para>
+		The profile id in 'tls.cfg' is generated from '[profile_type:profile_name]'.
+		The 'profile_type' has to be 'server' or 'client'. The 'profile_name'
+		can be 'default', 'any' or the pair of IP address and port like 'ipaddr:port'.
+		</para>
+		<para>
+		The 'file_type' is specifying if the values for 'certificate', 'private_key',
+		'ca_list' and 'crl' are path to files on disc (when is set to 0) or the
+		content of the files (when set to 1). If 'file_type' is 1, then 'kamcli'
+		will create new files on disc and store the values from the database in
+		them. The target folder for 'tls.cfg' and the certificates related files
+		can be set via command options for 'kamcli tls', for more details see
+		the output of 'kamcli tls --help' and 'kamcli tls cfgprint --help'.
+		</para>
+	</section>

More information about the sr-dev mailing list