Fixed in latest 4.6.0-233 CentOS RPMs.
thanks~
On Jul 30, 2012, at 14:11 , Kurt Albershardt wrote:
> Created http://track.sipfoundry.org/browse/XX-10340
>
> Quite likely a release blocker, but not my call.
___
sipx-users mailing list
sipx-users@lis
Created http://track.sipfoundry.org/browse/XX-10340
Quite likely a release a blocker, but not my call.
On Jul 30, 2012, at 14:05 , Kurt Albershardt wrote:
> First time running setup script on a freshly built Centos 6 VM:
>
>
> [root@sipx ~]# cat /etc/sysconfig/network
> NETWORKING="yes"
> G
First time running setup script on a freshly built Centos 6 VM:
[root@sipx ~]# cat /etc/sysconfig/network
NETWORKING="yes"
GATEWAYDEV="venet0"
NETWORKING_IPV6="yes"
IPV6_DEFAULTDEV="venet0"
HOSTNAME="sipx.domain.com"
[root@sipx ~]# sipxecs-setup
Network settings:
IP address : 192.168.X.26
Wou
Happened the first time I ran the script, FWIW.
Install was updated 2-3x before I ran setup (due to dependency glitches) so
it's not a good test case.
I'll re-install on a clean VM and try again.
On Jul 30, 2012, at 13:26 , Tony Graziano wrote:
> i might venture a guess that re-running the s
On Jul 30, 2012, at 13:22 , Douglas Hubler wrote:
> We scrape host and domain from
>
> /etc/sysconfig/network
>
> so it probably *was* wrong there too. That value comes from using the
> network config tool we launch from the setup-setup script. I say "was"
> because we in turn write it ba
i might venture a guess that re-running the script and taking the defaults
are doing this. if so, it would be incorrect and unwanted behavior. i think
in order to open a jira, it needs to be tried against a fresh install and
all patched up prior to running, then re-running the script. if it
continu
On Mon, Jul 30, 2012 at 3:11 PM, Kurt Albershardt wrote:
> thanks~
>
We scrape host and domain from
/etc/sysconfig/network
so it probably *was* wrong there too. That value comes from using the
network config tool we launch from the setup-setup script. I say "was"
because we in turn write i
Just tried a couple variants of that - first one left the host and domain at
default and then I manually typed everything else -- that produced the same
result at the end:
https://"sipx.domain.com";
Note spurious double quotes show in the proposed defaults:
Enter just the host name of this
perhaps re-run the script and manually input the host and sipdomain
(instead of hitting enter) to see if it removes the quotes.
On Mon, Jul 30, 2012 at 2:59 PM, Kurt Albershardt wrote:
> did not add quotes -- and the URL at the end still has them:
>
>
> [root@sipx ~]# sipxecs-setup --reset-all
did not add quotes -- and the URL at the end still has them:
[root@sipx ~]# sipxecs-setup --reset-all
This will wipe all configuration data from this server. Are you sure? [ enter
'y' or 'n' ] : y
Network settings:
IP address : 192.168.X.26
Would you like to configure your system's network s
Attached, and shows double quotes. I'm guessing this is also the cause of what
I reported earlier:
> One more minor glitch at the end of the script - looks like extra quotes in
> the URL:
>
> In a few more minutes you will be able to access the administration
> interface from your web browser
Somehow you might have double quotes around your host name. When
running sipxecs-setup, did you put double quotes around your host
name? Can you send me /etc/sipxpbx/sipxconfig.properties?
On Mon, Jul 30, 2012 at 2:27 PM, Kurt Albershardt wrote:
> sipxconfig.log and tail of sipxagent.log (whic
mongo doesn't look right...
try:
bash -x /usr/bin/mongodb-repair
/etc/init.d/mongod start
On Mon, Jul 30, 2012 at 2:27 PM, Kurt Albershardt wrote:
> sipxconfig.log and tail of sipxagent.log (which was 2 MB) attached.
>
>
>
>
> Updated via yum this morning and invoked 'sipxecs-setup --reset-
check/send along sipxagent.log and sipxconfig.log
On Sat, Jul 28, 2012 at 4:07 PM, Kurt Albershardt wrote:
> Ran a 'yum update' on an unconfigured 4.6 (installed on 7/25, the one with
> the unmet Homer dependency) and got only a couple of OS updates.
>
> Running 'yum groupupgrade sipxecs' yielde
Ran a 'yum update' on an unconfigured 4.6 (installed on 7/25, the one with the
unmet Homer dependency) and got only a couple of OS updates.
Running 'yum groupupgrade sipxecs' yielded 271 updates (now at 4.6.0.233)
Did a 'yum clean all' and restarted, then ran sipxecs-setup.
Five minutes later, n
That was indeed the problem, didn't have a wildcard so quickly bought one for
the sipx server and it went in fine.
Thanks again.
On Sun, 2 May 2010 19:41:57 -0500, m...@grounded.net wrote:
> Could someone post how they went about installing godaddy ssl certs on
> their 4.2 server.
>
> Trying j
I guess I don't have a wildcard cert. Off to buy another one for now.
On Sun, 2 May 2010 20:44:14 -0500, m...@grounded.net wrote:
> Ok, thanks again, that worked just fine this time around.
>
> Mike
>
>
> On Sun, 02 May 2010 20:04:23 -0500, Josh Patten wrote:
>> No, you don't have to worry abou
Maybe something is still left over. Checking by connecting gives me,
sx.mydomain.com:8443 uses an invalid security certificate.
The certificate is only valid for the following names:
www.mydomain.com , mydomain.com
(Error code: ssl_error_bad_cert_domain)
Yet, should work as the domain is co
Ok, thanks again, that worked just fine this time around.
Mike
On Sun, 02 May 2010 20:04:23 -0500, Josh Patten wrote:
> No, you don't have to worry about it. All you have to do is upload the
>
> .key and .crt files and sipXconfig will restart with the new certificate
> in place.
>
> On 05/02/2
No, you don't have to worry about it. All you have to do is upload the
.key and .crt files and sipXconfig will restart with the new certificate
in place.
On 05/02/2010 08:03 PM, m...@grounded.net wrote:
>> If you have the key and cert then you don't need to worry about the CSR.
>> That's the
> If you have the key and cert then you don't need to worry about the CSR.
> That's the beauty of having both.
>
> The CSR is the certificate signing request and that generates a private key
> for you. If you already have the private key then you don't need to do a
> CSR.
>
> http://en.wikipedia.
If you have the key and cert then you don't need to worry about the CSR.
That's the beauty of having both.
The CSR is the certificate signing request and that generates a private
key for you. If you already have the private key then you don't need to
do a CSR.
http://en.wikipedia.org/wiki/Ce
Yes, I have both, it comes in a zip file.
Problem is, I might have a slightly different CSR and can't find the note on
when I created it.
Can I just upload the CSR file in order to generate that first, then my godaddy
files should import.
Mike
On Sun, 02 May 2010 19:41:08 -0500, Josh Patten wr
With a wildcard cert you have to have the .key that came with the
certificate. Other than that it should work fine.
On 05/02/2010 06:52 PM, m...@grounded.net wrote:
> I have a cert which is www.domain.com and *.domain.com which is being used on
> a web server which has the same domain name as th
gt;> From: sipx-users-boun...@list.sipfoundry.org [mailto:sipx-users-
>> boun...@list.sipfoundry.org] On Behalf Of m...@grounded.net
>> Sent: Sunday, May 02, 2010 7:53 PM
>> To: sipx-users
>> Subject: [sipx-users] ssl cert
>>
>> I have a cert which is www.domain.
users
> Subject: [sipx-users] ssl cert
>
> I have a cert which is www.domain.com and *.domain.com which is being
> used on a web server which has the same domain name as the sipx server
> does. Could I install this cert on sipx safely or should I purchase
> another cert? And, in 4.2
I have a cert which is www.domain.com and *.domain.com which is being used on a
web server which has the same domain name as the sipx server does. Could I
install this cert on sipx safely or should I purchase another cert? And, in
4.2, are ssl certs easier to install?
Thanks.
Mike
__
FYI, Pathlen is 0 on my box I did DR testing to a few weeks ago.
On 1/20/2010 2:40 PM, Raymond Dans wrote:
> mkitchin.pub...@gmail.com wrote:
>
>> Subject: Re: [sipx-users] SSL Cert help
>>
>> Am I dead in the water here? Should I go ahead and reload the OS?
>>
Date is ok.
[r...@nshpbx1 ssl]# date
Wed Jan 20 14:42:53 CST 2010
I'm sure I did something to cause this. Unless I hear something I will
start reloading the OS in about 20 min.
On 1/20/2010 2:40 PM, Raymond Dans wrote:
> mkitchin.pub...@gmail.com wrote:
>
>> Subject: Re:
mkitchin.pub...@gmail.com wrote:
>Subject: Re: [sipx-users] SSL Cert help
>
>Am I dead in the water here? Should I go ahead and reload the OS?
I'm fresh out of ideas.
The one thing that seemed odd to me in your output from keytool was that
the PathLen in both show as u
Am I dead in the water here? Should I go ahead and reload the OS?
On 1/20/2010 1:34 PM, mkitchin.pub...@gmail.com wrote:
> On 1/20/2010 1:30 PM, Raymond Dans wrote:
>> I believe it looks okay. The beginning of that line is for the alias
>> name and you don't have one. I'm not familiar enough wit
rk with someone to detail the instructions from start to finish
> and use real examples assuming it is tested and worked for others.
>
> Cheers
> Grant
>
>
>
>
> -Original Message-
> From: mkitchin.pub...@gmail.com [mailto:mkitchin.pub...@gmail.com]
> Sent
rsday, 21 January 2010 7:45 a.m.
To: Raymond Dans
Cc: Scott Lawrence; Grant Lang; sipx-users@list.sipfoundry.org
Subject: Re: [sipx-users] SSL Cert help
I'm not sure exactly how to do that, so I guess I hadn't. How should I
do that? The ssl script seems to indicate it is doing that (see be
On 1/20/2010 1:30 PM, Raymond Dans wrote:
> I believe it looks okay. The beginning of that line is for the alias
> name and you don't have one. I'm not familiar enough with this to know
> whether have no alias is okay.
>
> Try issuing the keytool commands again and add '-v' after the '-list'.
> T
>Subject: Re: [sipx-users] SSL Cert help
>
>Everything looks ok to me, I think. The only possibly odd
>thing I see is the 'trustedCertEntry' part in the keystore. I
>did a disaster recover test of this machine a few weeks ago
>and I looked at the machine I recovered
E:48:EF:EB:13:76:99:7C:09
On 1/20/2010 1:14 PM, Raymond Dans wrote:
>> Subject: Re: [sipx-users] SSL Cert help
>>
>> On 1/20/2010 12:27 PM, Raymond Dans wrote:
>>
>>> Not sure if this will help but did you regenerate and
>>>
>> insta
>Subject: Re: [sipx-users] SSL Cert help
>
>On 1/20/2010 12:27 PM, Raymond Dans wrote:
>> Not sure if this will help but did you regenerate and
>install the Java
>> Keystore/Truststore? If not you may want to try this first.
>I'm not sure exactly how to d
7 PM, Raymond Dans wrote:
>> Subject: Re: [sipx-users] SSL Cert help
>>
>> I will be glad to listen to a whole bunch of "I told so", but
>> I would greatly appreciate a little help first.
>> I made a system backup, and backed up the SSL directories
>> before
>Subject: Re: [sipx-users] SSL Cert help
>
>I will be glad to listen to a whole bunch of "I told so", but
>I would greatly appreciate a little help first.
>I made a system backup, and backed up the SSL directories
>before trying any of this. I wanted to give an exter
I will be glad to listen to a whole bunch of "I told so", but I would
greatly appreciate a little help first.
I made a system backup, and backed up the SSL directories before trying
any of this. I wanted to give an external SSL cert one more shot. It
didn't work, so I went to revert back to a se
On Wed, 2010-01-20 at 12:21 +, mkitchin.pub...@gmail.com wrote:
> Scott - if there are issues, should they show up immediately? If you
> have to back out, is it still just as easy as regenerating the self
> signed cert?
Yes, they should show up as soon as you restart.
If you think regeneratin
l.com';
sipx-users@list.sipfoundry.org
Subject: RE: [sipx-users] SSL Cert help
Hi,
I have followed Scott's instructions below, converted the Go Daddy root and
intermediate DER (exported from IE) certificates using OpenSSL and placed the
two certificates into the authorities directory
n.pub...@gmail.com]
Sent: Wednesday, 20 January 2010 7:37 a.m.
To: Grant Lang; sipx-users@list.sipfoundry.org
Subject: Re: [sipx-users] SSL Cert help
That is as far as I made it. I stopped when Scott Lawrence wrote the part
below. I'm just going to deal with the error messages until 4.2 I think. I'
what else could it possibly
affect?
Cheers
Grant
*From:* mkitchin.pub...@gmail.com [mkitchin.pub...@gmail.com]
*Sent:* Wednesday, 20 January 2010 7:00 a.m.
*To:* Grant Lang
*Cc:* Tony Graziano; sipx-users@list.sipfoundry.org
*Subject:* Re: [sipx-users] SSL Cert help
Look in
/var/log
mkitchin.pub...@gmail.com [mkitchin.pub...@gmail.com]
Sent: Wednesday, 20 January 2010 7:00 a.m.
To: Grant Lang
Cc: Tony Graziano; sipx-users@list.sipfoundry.org
Subject: Re: [sipx-users] SSL Cert help
Look in
/var/log/sipxpbx/mediaserver_cgi.log
On 1/19/2010 11:58 AM, Grant Lang wrote:
Hi,
sipxpr
#
However the installation might not be perfect as I have been messing
with it around the certificates, so a fresh install and re-test will
be next to make sure that changing the certificate does work as expected.
Cheers
Grant
-
quot;=>"Running",
"ResourceListServer"=>"Running",
"SipXrelay"=>"Running",
"SIPXProxy"=>"Running"}
[r...@sipxserver ~]#
However the installation might not be perfect as I have been messing with it
around the cert
it doesn’t work.
>
>
>
> Cheers
>
> Grant
>
>
>
>
>
>
>
> *From:* sipx-users-boun...@list.sipfoundry.org [mailto:
> sipx-users-boun...@list.sipfoundry.org] *On Behalf Of *Jeff Gilmore
> *Sent:* Tuesday, 19 January 2010 7:55 a.m.
>
> *To:* sipx-users
From: sipx-users-boun...@list.sipfoundry.org
[mailto:sipx-users-boun...@list.sipfoundry.org] On Behalf Of Jeff Gilmore
Sent: Tuesday, 19 January 2010 7:55 a.m.
To: sipx-users@list.sipfoundry.org
Subject: Re: [sipx-users] SSL Cert help
Thanks all for insights.
I'm not sure what went wrong, but have
On 1/18/2010 12:14 PM, Scott Lawrence wrote:
> On Mon, 2010-01-18 at 11:31 -0600, mkitchin.pub...@gmail.com wrote:
>
>> On 1/18/2010 11:13 AM, Scott Lawrence wrote:
>>
>>> Frankly, I wouldn't invest much in getting externally generated keys
>>> working in a 4.0 system. There turn out to
Thanks all for insights.
I'm not sure what went wrong, but have successfully backed out of it
by simply running
/usr/bin/ssl-cert/gen-ssl-keys.sh then /usr/bin/ssl-cert/install-
cert.sh. My copy of /usr/bin/ssl-cert/gen-ssl-keys.sh still has the
2048 byte key change, and it seemed to work O
On Mon, 2010-01-18 at 11:31 -0600, mkitchin.pub...@gmail.com wrote:
> On 1/18/2010 11:13 AM, Scott Lawrence wrote:
> > Frankly, I wouldn't invest much in getting externally generated keys
> > working in a 4.0 system. There turn out to be many potential pitfalls,
> > and it's clear that feature rea
Sent: Mon Jan 18 12:31:15 2010
Subject: Re: [sipx-users] SSL Cert help
On 1/18/2010 11:13 AM, Scott Lawrence wrote:
> Frankly, I wouldn't invest much in getting externally generated keys
> working in a 4.0 system. There turn out to be many potential pitfalls,
> and it's clear
On 1/18/2010 11:13 AM, Scott Lawrence wrote:
> Frankly, I wouldn't invest much in getting externally generated keys
> working in a 4.0 system. There turn out to be many potential pitfalls,
> and it's clear that feature really wasn't ready for prime time. We're
> investing a fair amount of effort
On Mon, 2010-01-18 at 11:00 -0500, Jeff Gilmore wrote:
> I tried doing it all through the web GUI) after first changing the
> underlying /usr/bin/ssl-cert/gen-ssl-keys.sh script (which I assume
> gets called by the web GUI) so that it will generate a 2048 byte key,
> since GoDaddy and other CAs are
I tried doing it all through the web GUI) after first changing the underlying
/usr/bin/ssl-cert/gen-ssl-keys.sh script (which I assume gets called by the web
GUI) so that it will generate a 2048 byte key, since GoDaddy and other CAs are
now requiring longer keys.
It did seem to generate a longe
NOT WORKING! Grant has sent me a private email pointing out a problem that I
too am experiencing after my supposedly successful installation of the SSL Cert
from GoDaddy.
If you go to System/Servers and look at the list of sipx processes, they all
appear as Status: Undefined. I think that s
...@list.sipfoundry.org
[mailto:sipx-users-boun...@list.sipfoundry.org] On Behalf Of Jeff Gilmore
Sent: Sunday, 17 January 2010 2:54 p.m.
To: sipx-users@list.sipfoundry.org
Subject: Re: [sipx-users] SSL Cert help
On Jan 16, 2010, at 5:38 PM, Tony Graziano wrote:
What does
sipxproc -state
Tell you?
/usr/lib
On Jan 16, 2010, at 5:38 PM, Tony Graziano wrote:
What does
sipxproc -state
Tell you?
/usr/lib/ruby/1.8/net/http.rb:586:in `connect': certificate verify
failed (OpenSSL::SSL::SSLError)
from /usr/lib/ruby/1.8/net/http.rb:586:in `connect'
from /usr/lib/ruby/1.8/net/http.rb:
16 Jan 2010 17:55:27
To: Jeff Gilmore;
Subject: Re: [sipx-users] SSL Cert help
and don't forget daddy needs an intermediate cert. Included in the zip file.
What services to restart? From cli , apachectl stop. Apacheclt startssl might
do it.
-Original Message-
From: Jeff Gilmore
startssl
> might do it.
>
> -Original Message-
> From: Jeff Gilmore
> Sent: Saturday, January 16, 2010 5:36 PM
> To: sipx-users@list.sipfoundry.org
> Subject: Re: [sipx-users] SSL Cert help
>
> On Jan 16, 2010, at 4:57 PM, Tony Graziano wrote:
>
>> I did t
y.org
Subject: Re: [sipx-users] SSL Cert help
On Jan 16, 2010, at 4:57 PM, Tony Graziano wrote:
> I did this once.
>
> I created the Certificate Signing Request. Submitted it to GoDaddy and
> downloaded the certificate as text (pasted it in) and did the import.
>
> I can;t remem
I too have been trying to find this answer for quite some time so that users
aren't nervous about the warning. I was told, as I recall, that this is not
quite ready yet. I also have the opportunity to use an external SSL processing
device but this won't work either.
As for the 2048bit cert, you
:
http://www.myitdepartment.net/gethelp/
- Original Message -
From: sipx-users-boun...@list.sipfoundry.org
To: sipx-users@list.sipfoundry.org
Sent: Sat Jan 16 17:36:08 2010
Subject: Re: [sipx-users] SSL Cert help
On Jan 16, 2010, at 4:57 PM, Tony Graziano wrote:
> I did this once.
&g
On Jan 16, 2010, at 4:57 PM, Tony Graziano wrote:
> I did this once.
>
> I created the Certificate Signing Request. Submitted it to GoDaddy and
> downloaded the certificate as text (pasted it in) and did the import.
>
> I can;t remember if I had to restart all sipx services or reboot, in order
I did this once.
I created the Certificate Signing Request. Submitted it to GoDaddy and
downloaded the certificate as text (pasted it in) and did the import.
I can;t remember if I had to restart all sipx services or reboot, in order
to see that it was recognized, but it did work the one time I di
I am trying to install a certificate from a recognized certificate authority,
so my users won't get the warning from the default self-signed certs.
I purchased a cert from Godaddy, but I have been having a lot of difficulty
installing it. The first challenge is that there are 3 different instru
67 matches
Mail list logo
