TLS certificates hot reload

mircea.bh · June 19, 2023, 9:28pm

Hello,

Does anybody know if there is any possibility to take into account the renewed TLS certificate without interrupting calls in progress?

Also, I try to use one Let’s Encrypt certificate for dtls-srtp.pem but it is rewritten every time on freeswitch restart. Why is this happening and what is dtls-srtp.pem used for?

Thank you.

BrianWest-SW · June 20, 2023, 11:15pm

I don’t believe you can hot reload those currently… Asfor the dtls-srtp.pem thats generated for DTLS exchanges.

/b

mircea.bh · June 21, 2023, 6:56pm

Thank you Brian for your answer.

Does anybody know why Let’s Encrypt certificate is not allowed for dtls-srtp?

Thanks.

BrianWest-SW · June 22, 2023, 4:36pm

Probably has more to do with the size of the cert.

/b

Topic		Replies	Views
Phone SRTP <-> FreeSWITCH <-> Trunk or Phone no SRTP FreeSWITCH	4	242	August 7, 2023
Freeswitch 1.10.9 TLS 1.3 only on Debian 11 Troubleshooting	0	359	June 20, 2023
How to enable mTLS and NOT send cafile.pem Configuration	0	210	July 27, 2023
Freeswitch ignores SDP in 200 OK after 183 FreeSWITCH	0	379	August 23, 2023
Sip dtls-srtp call hangup after 480 sec of audio FreeSWITCH	0	188	January 3, 2024

TLS certificates hot reload

Related topics