What I did to build this test system was: Install sipX 4.0.4 from ISO backup the primary production server via sipXconfig backup the secondary production server from command line (sipx-backup)
restore both the primary and secondary servers via command line in the test environment. After I do this, firefox cannot connect because of an SSL issue. To get around this I load up sipXconfig on IE and send profiles to the server. I then perform the 4.2 upgrade. After the 4.2 upgrade everything ran fine for a few hours then that certificate error popped up. stunnel on both servers is 4.28-1 config is identical on both servers: service = sipxcallresolver-agent pid = /var/run/sipxpbx/sipxcallresolver-agent.pid verify = 2 debug = 5 output = /var/log/sipxpbx/sipxcallresolver-agent.log CApath = /etc/sipxpbx/ssl/authorities cert = /etc/sipxpbx/ssl/ssl.crt key = /etc/sipxpbx/ssl/ssl.key client = no foreground = yes [postgresql] accept = 9300 connect = 5432 Josh Patten Assistant Network Administrator Brazos County IT Dept. (979) 361-4676 On 5/3/2010 10:40 AM, DANS, RAYMOND (RAYMOND) wrote: >> On 4/30/2010 1:50 PM, Josh Patten wrote: >> >>> Today on my test 4.2 environment I received an alarm email that the >>> CallResolver-Agent stopped unexpectedly on the secondary HA >>> >> server and >> >>> could not start. Here was the error: >>> >>> 2010.04.30 13:43:04 LOG7[5134:3086362320]: RAND_status claims >>> sufficient entropy for the PRNG 2010.04.30 13:43:04 >>> LOG7[5134:3086362320]: PRNG seeded successfully 2010.04.30 13:43:04 >>> LOG7[5134:3086362320]: Certificate: /etc/sipxpbx/ssl/ssl.crt >>> 2010.04.30 13:43:04 LOG7[5134:3086362320]: Certificate loaded >>> 2010.04.30 13:43:04 LOG7[5134:3086362320]: Key file: >>> /etc/sipxpbx/ssl/ssl.key 2010.04.30 13:43:04 LOG7[5134:3086362320]: >>> Private key loaded 2010.04.30 13:43:04 LOG7[5134:3086362320]: Verify >>> directory set to /etc/sipxpbx/ssl/authorities 2010.04.30 13:43:04 >>> LOG7[5134:3086362320]: Added /etc/sipxpbx/ssl/authorities revocation >>> lookup directory 2010.04.30 13:43:04 LOG7[5134:3086362320]: SSL >>> context initialized for service postgresql 2010.04.30 13:43:04 >>> LOG3[5134:3086362320]: FIPS_mode_set: 2D06C06E: error:2D06C06E:FIPS >>> routines:FIPS_mode_set:fingerprint does not match >>> >>> Any recommendation on how I should tackle this problem? It >>> >> looks like >> >>> I have a certificate issue but I'm not sure. >>> >>> > Josh, can you tell me what version of stunnel you're using (rpm -qa | grep > stunnel) and also show me your stunnel configuration file (usually its > /etc/sipxpbx/sipxcallresolver-agent-config). I've never seen this issue > before nor can I find any information on it. > > The current version of stunnel that we're using is 4.26-1. > > Thanks > Raymond _______________________________________________ sipx-users mailing list sipx-users@list.sipfoundry.org List Archive: http://list.sipfoundry.org/archive/sipx-users Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-users sipXecs IP PBX -- http://www.sipfoundry.org/