[OpenSIPS-Users] tlt_mgm module - any way to pass cert/key as parameter for outgoing connection?
Bogdan-Andrei Iancu
bogdan at opensips.org
Thu Mar 31 14:06:11 UTC 2022
Hi Yury,
I'm afraid this is not possible (to fetch the cert from an external
source at runtime). A dirty hack may be to (1) do the rest and fetch the
cert + key, (2) to insert into (from script) into the tls_mgm db table
and (3) fire an MI tls_reload cmd (from script) via the mi() script
function [1]
[1] https://opensips.org/html/docs/modules/3.2.x/mi_script.html#func_mi
and yeah, I know, it is ugly :(
Best regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
https://www.opensips-solutions.com
OpenSIPS eBootcamp 23rd May - 3rd June 2022
https://opensips.org/training/OpenSIPS_eBootcamp_2022/
On 3/15/22 1:45 PM, Yury Kirsanov wrote:
> Hi,
> I've got a question, is there any way to pass SSL certificate and key
> as a parameter to the tls_mgm module during script execution? For
> example, first I do a REST request to our REST API server which
> returns me all required parameters including certificate and key. Then
> I'd like to use this response as a client certificate for outgoing
> connection to some TLS-enabled server. Is there any way to do that? I
> know I can use DB module and select a client certificate using avp
> variable, but that's not convenient as it requires tls_reload MI
> command each time the DB is updated.
>
> Thanks and best regards,
> Yury.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20220331/9bce4411/attachment.html>
More information about the Users
mailing list