I have a deployment with Sangoma Phone installed and working well. This deployment backs up and restores to a warm spare server every night. There does not seem to be a way to exclude certificate settings from warm spare backups, even if the certificate manager module is not included in the backup. The result is https is broken each night on the warm spare, and TLS is broken as well since it requires a valid certificate. This ends up breaking incoming calls on the warm spare.
Has anyone run in to this before? It seems like ideally certificates, SSL and TLS settings could be excluded from the backup package. If there is another solution I’d love to hear it.
Not saying that there shouldn’t be a way to exclude SSLs from being copied over to a warm spare but I just wanted to clarify. Pretty sure a Warm Spare isn’t meant to handle calls unless the primary system dies and you manually promote the warm spare to primary and actually make it the primary going forward with everything that this entails (including making sure all the SSL is setup correctly now that it’s the primary).
Our phones automatically fail over to the spare in the event of a primary failure via the sip server 2 setting on the phones themselves, requiring no manual intervention. This works well for most primary server failure scenarios.
