Hi,
Regarding XCF-2428, I would like to open a new discussion thread in
order bring once more into attention a solution proposal that will
accomplish the
following requirement: make possible the coexistence of a web ssl
certificate and a xml-rpc ssl certificate in sipXconfig
Based on our researches here is the result:
[...]
We made some tests with some new web certificates and we observed that
the existence of ssl.crt ssl.key and ssl.p12 files is mandatory in
{prefix}/etc/sipxpbx/ssl directory. As you pointed out, the
create-ssl-keystore.sh is creating a keystore (if not already existing)
and we've looked into it and saw that it adds the certificate
represented by ssl.crt file to this keystore
({prefix}/etc/sipxpbx/ssl/.ssl.keystore).
We could use a specific name for the web certificate ( ssl-web.crt ,
ssl-web.key, ssl-web.p12 ) and copy it from the
{prefix}/var/sipxdata/configserver/web-cert directory to the
{prefix}/etc/sipxpbx/ssl directory. In this way, we will have two
certificates, one for the xml-rpc named ssl.* as it is now and another
one for the web named ssl-web.* .
For this, we will have to modify the create-ssl-keystore.sh file and
have it importing the web certificate into the keystore only if the
ssl-web.crt file exist. Otherwise it will import the ssl.crt file into
the keystore.
Finally for the changes to take effect, we will need to restart the JVM
and pass to it the changes.
However, we don't know if these changes will affect the xml-rpc side.
Please share us your thoughts.
[...]
Please let us know if this approach is suitable.
Regards,
Mircea
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
