Re: [SR-Users] kamailio and certificate renewal

2022-02-25 Thread Henning Westerholt 
Hello,

yes, the remark in the documentation is about configuration change. Certificate 
reload should be fine with the “reload” cmd. You need to trigger it, its not 
done automatically.

Cheers,

Henning

--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com

From: sr-users  On Behalf Of Aymeric 
Moizard
Sent: Friday, February 25, 2022 11:28 AM
To: Kamailio (SER) - Users Mailing List 
Subject: [SR-Users] kamailio and certificate renewal

Hi all,

I'm switching my kamailio to use Let's Encrypt certificates.

Do I need to force a restart of kamailio when the certificate
is renewed or will this be automatic?

The doc indicates that reload is possible (but not advised)
but it looks to be for a "configuration change" (tls.cfg file change)
and not for certificate change.

Maybe certificates are automatically reloaded?

Regards
Aymeric

--
[http://sip.antisip.com/am48.png]Antisip - http://www.antisip.com
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] kamailio and certificate renewal

2022-02-25 Thread Aymeric Moizard 
Hi all,

I'm switching my kamailio to use Let's Encrypt certificates.

Do I need to force a restart of kamailio when the certificate
is renewed or will this be automatic?

The doc indicates that reload is possible (but not advised)
but it looks to be for a "configuration change" (tls.cfg file change)
and not for certificate change.

Maybe certificates are automatically reloaded?

Regards
Aymeric

-- 
Antisip - http://www.antisip.com
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Re-using an existing TLS connection

2022-02-25 Thread Olle E. Johansson 


> On 25 Feb 2022, at 09:32, Matthias Urlichs  wrote:
> 
> Signed PGP part
> Hello,
> 
> My problem: our provider opens a TLS connection to us. They want us to use 
> this channel for outgoing calls, instead of opening a new SIP connection to 
> their server.
> 
> Is there a way to teach Kamailio to do that?

As Henning already answered, yes. But if you are security-consious it would 
from a SIP security standpoint require that their side present a client cert 
that you can verify so you are really sending calls to the right provider.

/O


signature.asc
Description: Message signed with OpenPGP
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Re-using an existing TLS connection

2022-02-25 Thread Henning Westerholt 
Hello,

for a start - did you already tried this parameter: 
http://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_reuse_port

Then have a look for example to this discussion: 
https://lists.kamailio.org/pipermail/sr-users/2019-November/107222.html

Cheers,

Henning

-- 
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com

-Original Message-
From: sr-users  On Behalf Of Matthias 
Urlichs
Sent: Friday, February 25, 2022 9:32 AM
To: sr-users@lists.kamailio.org
Subject: [SR-Users] Re-using an existing TLS connection

Hello,

My problem: our provider opens a TLS connection to us. They want us to use this 
channel for outgoing calls, instead of opening a new SIP connection to their 
server.

Is there a way to teach Kamailio to do that?

--
-- Matthias Urlichs

__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users