On Mon, Apr 20, 2009 at 10:46 AM, David Saint <[email protected]> wrote: >> -----Original Message----- >> From: Dans, Raymond (CAR:9D30) >> Sent: Saturday, April 18, 2009 5:18 PM >> To: Lawrence, Scott (BL60:9D30); Saint, David (CAR:9D60) >> Cc: Ranganathan, Mudumbai (CONST:9D30); [email protected] >> Subject: RE: [sipX-dev] Problem with HA secondary server SSL >> >> Scott wrote: >> >> >To: Saint, David (CAR:9D60) >> >Cc: Ranganathan, Mudumbai (CONST:9D30); [email protected] >> >Subject: Re: [sipX-dev] Problem with HA secondary server SSL >> > >> >On Fri, 2009-04-17 at 16:41 -0400, David Saint wrote: >> >> > -----Original Message----- >> >> > From: Nair, Arjun (CAR:9D30) >> >> > Sent: Friday, April 17, 2009 2:45 PM >> >> > To: Saint, David (CAR:9D60) >> >> > Cc: [email protected] >> >> > Subject: Re: [sipX-dev] Problem with HA secondary server SSL >> >> > >> >> > David Saint wrote: >> >> > > Sorry, my previous post didn't display properly. >> >> > > >> >> > > I finally got my HA system to work (after several tries) >> >> > by running: >> >> > > java InstallCert <secondary server> on the primary >> server's >> >> > > directory /etc/sipxpbx/ssl, then regenerating the secondary >> >> > server's >> >> > > profile. >> >> > > Now I can control the secondary server's services from >> >sipXconfig! >> >> > > >> >> > > >> >> > >> >> > I believe Ranga fixed this issue in rev.15179 >> >> > >> >> > Arjun >> >> > >> >> >> >> Upgraded to rev15207, found the new load better in some >> ways but one >> >> new >> >> problem: >> >> In /usr/libexec/sipXecs/initial-config had to change: >> >> /usr/bin/ssl-cert/gen-ssl-keys.sh >> >> /usr/bin/ssl-cert/install-cert.sh >> >> to: >> >> sudo /usr/bin/ssl-cert/gen-ssl-keys.sh >> >> sudo /usr/bin/ssl-cert/install-cert.sh to get the >> secondary server >> >> to complete sipxecs-setup (using RPMs). >> > >> >That's not the right fix - Raymond and I discussed this and >> he's got a >> >different fix queued up. >> > >> I'm not sure this is the same issue. The fix that I provided >> is on an upgrade scenario. I don't believe that David is >> actually upgrading via RPMs (but then again maybe I'm wrong - >> that's what my wife tells me anyways :) ) >> > > I think the problem was due to the file permissions for: > /var/sipxdata/certdb/<secondary server>.der > being set to root:root rather than sipxchange:sipxchange > Perhaps whatever is creating the DER file didn't set > the permissions properly?
It is quite possible. I never did anything with the permission when it was generated. Please change the permission as needed. Thanks Ranga > _______________________________________________ > sipx-dev mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-dev > Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev > -- M. Ranganathan _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev
