Scott, Well, progress of sorts -- the certificate generation is failing -- see below:
Need guidance on how to fix this. I did regenerate the master certificate after I first encountered this problem. Used the following procedure: /usr/bin/ssl-cert/gen-ssl-keys.sh /usr/bin/ssl-cert/install-cert.sh /etc/init.d/sipxecs stop sipxconfig.sh --first-run /etc/init.d/sipxecs restart jim ------------------------------------------------------------------------------------------ [sipxcha...@hyipt1 root]$ /usr/libexec/sipXecs/initial-config hyipt2.hyoung.voice `/etc/sipxpbx/domain-config' -> `/var/sipxdata/tmp/initial-config/hyipt2.hyoung.voice/etc/sipxpbx/domain-config' `/etc/sipxpbx/sipxsupervisor-config' -> `/var/sipxdata/tmp/initial-config/hyipt2.hyoung.voice/etc/sipxpbx/sipxsupervisor-config' Generating DNS record for secondary server Generating resolver configuration for secondary server that points to master We need some information from you to generate the certificates: Country Name (2 letter code): KE State or Province Name (full name): NBI Locality Name (eg, city): NAIROBI Organization Name (eg, company): H Young & Co (E.A) Ltd Organization Unit Name (eg, section): VoIP Services ______________________________________________________________________ Identifying information for your private Certificate Authority (CA) CA Common Name: ca.hyipt1.hyoung.voice Email Contact Address for CA ([email protected]): [email protected] ______________________________________________________________________ Identifying information for the server: Full DNS name for the server: hyipt2.hyoung.voice ______________________________________________________________________ Identifying information for the SIP domain: SIP domain name: hyoung.voice Email Contact Address ([email protected]): [email protected] 2048 semi-random bytes loaded Generating server certificate request [hyipt2.hyoung.voice] ______________________________________________________________________ Generating RSA private key for server (1024 bit) 2048 semi-random bytes loaded Generating RSA private key, 1024 bit long modulus ....++++++ ...................................++++++ e is 65537 (0x10001) ______________________________________________________________________ Generating X.509 certificate signing request for 'hyipt2.hyoung.voice' ______________________________________________________________________ Generating X.509 certificate signed by ca.hyipt1.hyoung.voice Signature ok subject=/C=KE/ST=NBI/L=NAIROBI/O=H Young & Co (E.A) Ltd/OU=VoIP Services/CN=hyipt2.hyoung.voice/[email protected] Getting CA Private Key CA certificate and CA private key do not match 11380:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:x509_cmp.c:392: gen-ssl-keys.sh:Error: Failed to generate X.509 certificate > On Mon, 2009-11-30 at 08:25 -0800, jnolen wrote: > > Scott, > > > > The group permissions were indeed incorrect -- see below before and > > after. > > > > But, still getting tar file read error. Deleted secondary on master and > > re-configured, no help. > > Try this on your master system: run the following command as the > 'sipxchange' user (be careful about this... running as root or some > other user could make things worse): > > /usr/libexec/sipXecs/initial-config <hostname> > > where <hostname> is the fully qualified name of your distributed system. > > That _should_ create the file > > /var/sipxdata/tmp/initial-config/<hostname>.tar.gz > > watch for errors and perhaps we'll see what's wrong. > > _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/
