[OpenSIPS-Users] Using LetsEncrypt certs with v2.4
Bogdan-Andrei Iancu
bogdan at opensips.org
Thu Jul 26 07:56:18 EDT 2018
Hi John,
When the cert is configured via modparam, the cert is loaded on startup
by OpenSIPS, so any renewal of the cert will have 0 impact on OpenSIPS -
so you will have to restart after each renewal.
I suggest you to provision the certs via DB (and not script), so you can
do a reload after renewal, with any need to restart opensips.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Bootcamp 2018
http://opensips.org/training/OpenSIPS_Bootcamp_2018/
On 07/25/2018 06:09 PM, John Quick wrote:
> Does anyone have experience using LetsEncrypt certificates for tls or wss in
> OpenSIPS v2.4.x over a long enough period of time for the certificate to be
> renewed?
>
> Does the OpenSIPS service need to be restarted after each certbot renewal?
> This happens about every 2 months.
> I have configured opensips so the path in modparam("tls_mgm", "certificate"
> is "/etc/letsencrypt/live/<domain-name>/cert.pem"
> This is actually a sym-link to the actual cert. It seems to work okay, but
> I'm wondering what will happen in two months' time when the cert is renewed.
>
> Thanks.
>
> John Quick
> Smartvox Limited
> Web: www.smartvox.co.uk
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list