Hi John,
When the cert is configured via modparam, the cert is loaded on startup
by OpenSIPS, so any renewal of the cert will have 0 impact on OpenSIPS -
so you will have to restart after each renewal.
I suggest you to provision the certs via DB (and not script), so you can
do a reload after renewal, with any need to restart opensips.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Bootcamp 2018
http://opensips.org/training/OpenSIPS_Bootcamp_2018/
On 07/25/2018 06:09 PM, John Quick wrote:
Does anyone have experience using LetsEncrypt certificates for tls or wss in
OpenSIPS v2.4.x over a long enough period of time for the certificate to be
renewed?
Does the OpenSIPS service need to be restarted after each certbot renewal?
This happens about every 2 months.
I have configured opensips so the path in modparam("tls_mgm", "certificate"
is "/etc/letsencrypt/live/<domain-name>/cert.pem"
This is actually a sym-link to the actual cert. It seems to work okay, but
I'm wondering what will happen in two months' time when the cert is renewed.
Thanks.
John Quick
Smartvox Limited
Web: www.smartvox.co.uk
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
