On Thu, 2009-02-05 at 19:38 +0530, Ananda Teertha wrote:
> Hi All,
>
> How to use the Web certificates in an HA environment. Is it that both
> the master and distributed certificate authorities must be signed by the
> same same CA?.
Yes.
> We were trying to set up HA in 3.11 and hit upon by XCF-3110 : SSL
> certificate expired unexpectedly.
> I tried to manually create the certificate (per 3.10) and got the
> following errors.
>
> [r...@earth SLAVE-CRT]# /usr/bin/ssl-cert/install-cert.sh --remote
> moon.qantom.int
>
> The --remote and --remote-receive options are obsolete.
>
> Installation of certificate data for a distributed system
> is now integrated into the sipx-setup script, supported
> by certificate generation in sipXconfig.
>
> Now, how to configure the HA in above scenario. Please advise.
The new procedure is:
1. First use sipXconfig in the first system (the Master) to Add a
new system. This configures the name and address of the new
system into the sipXconfig database and displays a Setup
Password you will need in the next step (you can change it if
you find the random one hard to remember).
2. Slightly different depending on whether you are using the ISO or
RPMs:
A. ISO: install the second system ISO and log in as root as
usual; when it asks you if this is the first system or
an additional system, pick the latter.
B. RPMs: install the RPMs and then (as root) run:
sipx-setup ; again, when it asks you select additional
system.
3. The script will ask you for the hostname of the Master system
and for the Setup Password. When you enter them, the script
will download the certificate for the new system (with other
configuration) from the Master.
_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
