On Tue, 2010-02-23 at 12:11 +0200, Mircea Carasel wrote: > Hi, > > During patch review, I noticed that after the certificate is pushed to > secondary hosts, sipXecs from these hosts is restarted. > > I am wondering if this is really needed or not. > > Based on discussions and agreements here: > http://list.sipfoundry.org/archive/sipx-dev/msg21469.html > > we decided only to mark for restart the services (java based) that may > need the newly imported certificate (From Scott I understood that: > C/C++ based services don't need restart in order to pick/use a new > certificate) > > For instance, for the primary host, where sipXconfig runs > (configuration service) we identified for restart the configuration > service and SIP Trunking (sipXbridge) service. > > I believe that the same approach should be taken also for secondary > hosts. We should identify what services we need to mark for restart > and that's all.
Raymond and I discussed this issue this morning, and came up with a plan for how to implement this a bit more cleanly so that we don't need to restart the whole of the sipXecs service, but just the individual services. > Please let me know what do you think. Also, what other services do you > think we should mark for restart, besides SIP Trunking? Any java-based service that uses SSL will need to be restarted (at least unless and until someone can figure out how to get java to flush its internal certificate cache). _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
