[Free-RTC] using Let's Encrypt free certificates for SIP, XMPP, WebRTC, TURN, etc

Olle E. Johansson oej at edvina.net
Tue Jul 12 16:00:57 CEST 2016


> On 12 Jul 2016, at 15:28, Daniel Pocock <daniel at pocock.pro> wrote:
> 
> 
> 
> Hi all,
> 
> I published a blog[1] about the new Let's Encrypt free CA and how it
> will benefit Free RTC
> 
> Has anybody else tried the certificates with any servers for SIP, XMPP
> or other RTC services?
I have used it with SIP servers and ejabberd for XMPP. No problems.
I would love being able to get certs following the SIP server certificate standard
though, or certs with multiple subj alt names.

> 
> Has anybody looked at integrating certbot[3] or any of the other tools
> for automatic certificate renewal?
You don’t really want to integrate certbot, you want to integrate the ACME protocol.

The first level to check is to see if your server application can reload/restart 
TLS and get new certificates on the fly, without service disruption. As far as I 
checked both Asterisk and Kamailio can do that, which is a requirement if
you need to exchange certificates every third month.

/O
> 
> Regards,
> 
> Daniel
> 
> 
> 
> 1. https://danielpocock.com/lets-encrypt-torpedoes-cost-free-rtc
> 2. https://letsencrypt.org/
> 3. https://certbot.eff.org/
> _______________________________________________
> Free-RTC mailing list
> Free-RTC at lists.fsfe.org
> https://lists.fsfe.org/mailman/listinfo/free-rtc



More information about the Free-RTC mailing list