<div dir="ltr">Hi Bogdan,<div>Thanks, that's a good idea! Hope one day we will have the ability to select certificates from AVPs in script!</div><div><br></div><div>Best regards,</div><div>Yury.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 1, 2022 at 1:06 AM Bogdan-Andrei Iancu <<a href="mailto:bogdan@opensips.org">bogdan@opensips.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<font face="monospace">Hi Yury,<br>
<br>
I'm afraid this is not possible (to fetch the cert from an
external source at runtime). A dirty hack may be to (1) do the
rest and fetch the cert + key, (2) to insert into (from script)
into the tls_mgm db table and (3) fire an MI tls_reload cmd (from
script) via the mi() script function [1]<br>
<br>
[1]
<a href="https://opensips.org/html/docs/modules/3.2.x/mi_script.html#func_mi" target="_blank">https://opensips.org/html/docs/modules/3.2.x/mi_script.html#func_mi</a><br>
<br>
and yeah, I know, it is ugly :(<br>
<br>
Best regards,<br>
</font>
<pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="https://www.opensips-solutions.com" target="_blank">https://www.opensips-solutions.com</a>
OpenSIPS eBootcamp 23rd May - 3rd June 2022
<a href="https://opensips.org/training/OpenSIPS_eBootcamp_2022/" target="_blank">https://opensips.org/training/OpenSIPS_eBootcamp_2022/</a></pre>
<div>On 3/15/22 1:45 PM, Yury Kirsanov
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div>I've got a question, is there any way to pass SSL
certificate and key as a parameter to the tls_mgm module
during script execution? For example, first I do a REST
request to our REST API server which returns me all required
parameters including certificate and key. Then I'd like to use
this response as a client certificate for outgoing connection
to some TLS-enabled server. Is there any way to do that? I
know I can use DB module and select a client certificate using
avp variable, but that's not convenient as it requires
tls_reload MI command each time the DB is updated.</div>
<div><br>
</div>
<div>Thanks and best regards,</div>
<div>Yury.</div>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</div>
</blockquote></div>