Scott,
I have checked in another revision. Please take a look in particular at
the sections excerpted below (excuse the formatting, which got mangled
on copy/paste).
-Walter
Download and Install sipX
Follow the same installation procedure
for both machines, but disable all services on the DS except for:
Do this by
editing the file /etc/sipxpbx/WatchDog.xml on the DS. (For safety,
first make a backup copy of the file, e.g., WatchDog.xml.bak) Each
process has an entry like this one for the publisher/status server:
<process name="SIPStatus"
restart="enable"
max_restarts="3" report="enable" max_reports="3">
<failure_contact
method="email">wgillett (at) localhost</failure_contact>
</process>
Remove (or comment out) the entries
the entries for all processes except the three listed above, which
conveniently appear at the top of WatchDog.xml in the order listed.
After doing that, we recommend opening the WatchDog.xml file in a web
browser to make sure that the XML format is intact (the file is still
“well-formed” XML).
SSL Key and Certificate Installation
You need to install SSL keys and
certificates on both machines. Each machine needs its own unique
certificate and key pair. Both certificates must be signed by the
same Certificate Authority.
This process is described for a single
server in the file sipXcommserverLib/doc/INSTALL.ssl. To set up SSL
for two servers (MS and DS), using self-signed certificates:
-
Generate
the CA certificate/key pair.
-
Generate
both server certificates/key pairs on the MS.
-
Archive
the
CA key pair securely.
-
Install
the
CA certificate and the MS certificate/key pair on the MS.
-
Copy the
CA
certificate to a temporary directory on the DS.
-
Move the
DS
certificate and key pair to the same directory on the DS (remove these
files from the MS).
-
Install the CA certificate and the
DS certificate/key pair on the DS.