[OpenSIPS-Users] tlt_mgm module - any way to pass cert/key as parameter for outgoing connection?

Bogdan-Andrei Iancu bogdan at opensips.org
Thu Mar 31 14:06:11 UTC 2022


Hi Yury,

I'm afraid this is not possible (to fetch the cert from an external 
source at runtime). A dirty hack may be to (1) do the rest and fetch the 
cert + key,  (2) to insert into (from script) into the tls_mgm db table 
and (3) fire an MI tls_reload cmd (from script) via the mi() script 
function [1]

[1] https://opensips.org/html/docs/modules/3.2.x/mi_script.html#func_mi

and yeah, I know, it is ugly :(

Best regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   https://www.opensips-solutions.com
OpenSIPS eBootcamp 23rd May - 3rd June 2022
   https://opensips.org/training/OpenSIPS_eBootcamp_2022/

On 3/15/22 1:45 PM, Yury Kirsanov wrote:
> Hi,
> I've got a question, is there any way to pass SSL certificate and key 
> as a parameter to the tls_mgm module during script execution? For 
> example, first I do a REST request to our REST API server which 
> returns me all required parameters including certificate and key. Then 
> I'd like to use this response as a client certificate for outgoing 
> connection to some TLS-enabled server. Is there any way to do that? I 
> know I can use DB module and select a client certificate using avp 
> variable, but that's not convenient as it requires tls_reload MI 
> command each time the DB is updated.
>
> Thanks and best regards,
> Yury.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20220331/9bce4411/attachment.html>


More information about the Users mailing list