Freepbx hangs failing to refresh keys

The Configuration

FreePBX 14.0.5.25
System 12.7.5-1902-3.sng7
Memory 32GB
Disk 512GB (mostly free)

Background

I am training receptionists on a new pbx and want to simulate many simultaneous incoming calls.

I make 3 internal calls from seperate extensions to extension 888 which has follow me settings to immediately go to a Ringall Group.
The group contains 2 reception phones which are both in the Ringall Group. There are no others in the Ringall Group.

2 calls go fine. The 3rd call starts off ok but the ringall group (set to ignore if agent is busy) simply continues to ring without presenting to the group.

If I hang up all calls the system is unable to process any other calls and is “hung”. I can only continue by running fwconsole restart.

At the time of the hang …

From the freepbx.log…

[2019-Mar-31 07:23:21] [ERROR] (BMO/GPG.class.php:580) - Tried to refresh keys and failed with: gpg: refreshing 2 keys from hkp://pool.sks-keyservers.net
gpg: requesting key 69D2EAD9 from hkp server pool.sks-keyservers.net
gpg: requesting key B33B4659 from hkp server pool.sks-keyservers.net
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

In terminal I then ran …

fwconsole ma refreshsignatures

… all good

[[email protected] comtelresources]# sudo -u asterisk gpg --refresh-keys --keyserver pool.sks-keyservers.net
gpg: refreshing 2 keys from hkp://pool.sks-keyservers.net
gpg: requesting key 69D2EAD9 from hkp server pool.sks-keyservers.net
gpg: requesting key B33B4659 from hkp server pool.sks-keyservers.net
gpg: packet(13) too large
gpg: read_block: read error: Invalid packet
gpg: Total number processed: 0
gpg: no valid OpenPGP data found.

[[email protected] comtelresources]# sudo -u asterisk gpg --refresh-keys --keyserver pgp.mit.edu
gpg: refreshing 2 keys from hkp://pgp.mit.edu
gpg: requesting key 69D2EAD9 from hkp server pgp.mit.edu
gpg: requesting key B33B4659 from hkp server pgp.mit.edu
gpg: packet(13) too large
gpg: read_block: read error: Invalid packet
gpg: Total number processed: 0
gpg: no valid OpenPGP data found.
gpgkeys: HTTP fetch error 18: transfer closed with 28726718 bytes remaining to read

[[email protected] comtelresources]# sudo -u asterisk gpg --refresh-keys --keyserver keyserver.pgp.com
gpg: refreshing 2 keys from hkp://keyserver.pgp.com
gpg: requesting key 69D2EAD9 from hkp server keyserver.pgp.com
gpg: requesting key B33B4659 from hkp server keyserver.pgp.com
gpg: keyserver timed out
gpg: keyserver refresh failed: Keyserver error

[[email protected] comtelresources]# sudo -u asterisk gpg --refresh-keys --keyserver hkp://keyserver.ubuntu.com:80
gpg: refreshing 2 keys from hkp://keyserver.ubuntu.com:80
gpg: requesting key 69D2EAD9 from hkp server keyserver.ubuntu.com
gpg: requesting key B33B4659 from hkp server keyserver.ubuntu.com
gpgkeys: key 2016349F5BC6F49340FCCAF99F9169F4B33B4659 not found on keyserver
gpg: key 69D2EAD9: “FreePBX Mirror 1 (Module Signing - 2014/2015) [email protected]” not changed
gpg: Total number processed: 1
gpg: unchanged: 1

The pbx hangs and I cannot make or receive calls.
My only option is to fwconsole restart.

I have recreated this issue at 2 different locations on different hardware.

Any help REALLY APPRECIATED.

Regards

Additional information…
If I run gpg --refresh-keys --keyserver pool.sks-keyservers.net
… I get…
gpg: refreshing 2 keys from hkp://pool.sks-keyservers.net
gpg: requesting key 69D2EAD9 from hkp server pool.sks-keyservers.net
gpg: requesting key B33B4659 from hkp server pool.sks-keyservers.net
gpgkeys: key 1013D73FECAC918A0A25823986CE877469D2EAD9 can’t be retrieved
gpg: packet(13) too large
gpg: read_block: read error: Invalid packet
gpg: Total number processed: 0
gpg: no valid OpenPGP data found.

You’ve got a whole lot of good information there, but I don’t think it means everything you expect it to mean.

  • The PGP keys are for your TLS implementation for your server, which may or may not be in play here. In my experience, this shouldn’t be run as ‘asterisk’, although if it works, I don’t see a problem with it.

  • The “fwconsole ma refreshkeys” command refreshes the code-signing signatures for the modules. This should be run as ‘asterisk’ but doesn’t actually seem to have anything to do with the problems you are describing.

  • Ring-groups don’t really anything to do with either of these. I don’t see how a TLS key service problem can cause what you are seeing as a problem.

My suspicion is that the key refresh problem has nothing to do with the problem you are describing.

The fact that you are using ring groups instead of a queue (or queues) might be more important here. Ring Groups just ring a bunch of phones. If the phones are busy when the call comes into an RG, the phone will not ring and the phone will never ring once the RG is instantiated. If you want this to work in the way you are describing, I’m pretty sure you need to set up a queue and let the receptionist be the respondents to the queue as agents. This also expands your capability by allowing management to log themselves in to the queue so that they can help out during peak periods.

Hi cynjut,
Firstly, thank you VERY much for your reply.
You were correct, the Ring Groups issue was not the cause, the timing in the logs was simply coincidental.
I have changed my configuration to the Queue methodology and I am seeing benefits already!
Thank you again. I now understand the key issue a little more and it probably explains why I was having some TLS issues earlier.
Regards

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.