This site is for discussion of requirements for a new TLS implementation for openser (vs. the one inside openser 1.0, 1.1, 1.2 and 1.3).
TLS reload. Reloading the TLS configuration while openser is running (e.g for loading new certificates, changing CAs, loading new certificate revocation lists). Must not block openser. Current TLS connections must be keep alive. Adding new virtual TLS domains would also require to add new TCP sockets during TLS reload without restarting openser. This will b another important feature: openser reload (reload the config without restarting, current transactions will keep the old routing config while new transactionsw ill be routed according to the new config, like “asterisk reload”).
if (proto==TLS) and (from==myself) {
setTcpFlag(3);
}
Setting a flag for certain TLS connections - e.g. to differ between TLS connections from SIP clients (local users) and from Proxy-Proxy TLS connections. Then TLS shutdown for example can be used to shut down all proxy-proxy TLS connections, or all Client-Proxy connections. “openserctl tls shutdown tcpflag 3”