Hi All,
Some further information:
I got SipX to start, by changing /etc/init.d/sipxpbx
## check certificate
/usr/bin/ssl-cert/check-cert.sh \
--name ${SIPXCHANGE_DOMAIN_NAME} --name ${MY_FULL_HOSTNAME} \
--fail 5 /etc/sipxpbx/ssl/ssl.crt
ssl_status=$?
to....
## check certificate
/usr/bin/ssl-cert/check-cert.sh \
--name ${SIPXCHANGE_DOMAIN_NAME} --name ${MY_FULL_HOSTNAME} --name
*.mydomain.net.au \
--fail 5 /etc/sipxpbx/ssl/ssl.crt
ssl_status=$?
Ugly yes, but the system is mostly working again.
When I log into the GUI, it says:
One of the background jobs failed. For details click: here
Which leads to:
Data
replication:
credential
4/21/10 11:14
AM
4/21/10 11:15
AM
Failed
Data
replication:
permission
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
Data
replication:
alias
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
Data
replication:
caller-alias
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
File
replication:
resource-lists.xml
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
File
replication:
orbits.xml
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
Data
replication:
extension
4/21/10 11:15
AM
4/21/10 11:15
AM
Failed
When I go to the Services page, I get:
sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to
find valid certification path to requested target
So, while the hack got the basics going, it seems the java components of
sipx are failing as java doesn't like the domain wildcard.
Am I wasting my time pursuing this, and should go I go back to a self
signed certificate, or it there a way forward?
Thanks,
-
Graeme Allen
On Wed, 2010-04-21 at 11:05 +1000, Graeme Allen wrote:
> Hi All,
>
> I had a working Sipx installation (3.10.2-013143 2008-07-23T18:09:14
> ecs-centos5) with self certification.
>
> I obtained a domain wildcard certificate from Go Daddy, and tried
> installing it as per http://sipxecs.sipfoundry.org/doc/INSTALL.ssl.html
> however have run into trouble.
>
> When I start SipX it says:
>
> Checking TLS/SSL configuration: [FAILED]
> sipXpbx:
> sipXpbx: sipXpbx configuration problems found:
> sipXpbx:
> sipXpbx: Check TLS/SSL configuration
> sipXpbx: SSL certificate name '*.mydomain.net.au' is not one of:
> 'sip.mydomain.net.au'
> sipXpbx: SSL certificate: /etc/sipxpbx/ssl/ssl.crt
>
> What it is saying is correct, but I should be able to use a domain
> wilcard certificate.
>
> Is there a way to tell SipX to allow the *.mydomain.net.au certificate?
>
> Thanks,
> -
> Graeme
>
_______________________________________________
sipx-users mailing list [email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-users
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users
sipXecs IP PBX -- http://www.sipfoundry.org/
