[OpenSIPS-Users] tlt_mgm module - any way to pass cert/key as parameter for outgoing connection?

Yury Kirsanov y.kirsanov at gmail.com
Thu Mar 31 15:23:44 UTC 2022


Hi Bogdan,
Thanks, that's a good idea! Hope one day we will have the ability to select
certificates from AVPs in script!

Best regards,
Yury.

On Fri, Apr 1, 2022 at 1:06 AM Bogdan-Andrei Iancu <bogdan at opensips.org>
wrote:

> Hi Yury,
>
> I'm afraid this is not possible (to fetch the cert from an external source
> at runtime). A dirty hack may be to (1) do the rest and fetch the cert +
> key,  (2) to insert into (from script) into the tls_mgm db table and (3)
> fire an MI tls_reload cmd (from script) via the mi() script function [1]
>
> [1] https://opensips.org/html/docs/modules/3.2.x/mi_script.html#func_mi
>
> and yeah, I know, it is ugly :(
>
> Best regards,
>
> Bogdan-Andrei Iancu
>
> OpenSIPS Founder and Developer
>   https://www.opensips-solutions.com
> OpenSIPS eBootcamp 23rd May - 3rd June 2022
>   https://opensips.org/training/OpenSIPS_eBootcamp_2022/
>
> On 3/15/22 1:45 PM, Yury Kirsanov wrote:
>
> Hi,
> I've got a question, is there any way to pass SSL certificate and key as a
> parameter to the tls_mgm module during script execution? For example, first
> I do a REST request to our REST API server which returns me all required
> parameters including certificate and key. Then I'd like to use this
> response as a client certificate for outgoing connection to some
> TLS-enabled server. Is there any way to do that? I know I can use DB module
> and select a client certificate using avp variable, but that's not
> convenient as it requires tls_reload MI command each time the DB is updated.
>
> Thanks and best regards,
> Yury.
>
> _______________________________________________
> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20220401/1b12df0f/attachment.html>


More information about the Users mailing list