kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2026-05-05 04:43:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

pjsip: Add TLS transport reload support for certificate and key.

Browse Source 
This change adds support using the pjsip_tls_transport_restart
function for reloading the TLS certificate and key, if the filenames
remain unchanged. This is useful for Let's Encrypt and other
situations. Note that no restart of the transport will occur if
the certificate and key remain unchanged.

ASTERISK-30186

Change-Id: I9bc95a6bf791830a9491ad9fa43c17d4010028d0
This commit is contained in:
Joshua C. Colp
2022-08-19 10:24:33 -03:00
committed by Friendly Automation
parent b2fdccc6a4
commit cffaf12d19
11 changed files with 396 additions and 134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
res/res_pjsip/pjsip_config.xml
View File

@@ -1657,7 +1657,8 @@
A path to a .crt or .pem file can be provided. However, only
the certificate is read from the file, not the private key.
The <literal>priv_key_file</literal> option must supply a
matching key file.
matching key file. The certificate file can be reloaded if
the filename in configuration remains unchanged.
</para></description>
</configOption>
<configOption name="cipher">
@@ -1721,6 +1722,11 @@
</configOption>
<configOption name="priv_key_file">
<synopsis>Private key file (TLS ONLY, not WSS)</synopsis>
<description><para>
A path to a key file can be provided. The private key file
can be reloaded if the filename in configuration remains
unchanged.
</para></description>
</configOption>
<configOption name="protocol" default="udp">
<synopsis>Protocol to use for SIP traffic</synopsis>