Warm spare loses pjsip certificate choice

On PBXact 15 configured with warm spare, the trunks require TLS, so on both primary and spare (which have different trunk configurations), in Asterisk SIP Settings → PJSIP, TLS is configured and a certificate is selected.

The backup config on the primary excludes the Certificate Management module, Asterisk SIP Settings module, and has “Exclude CERTIFICATE Settings” set to yes.

Yet, after each warm spare backup/restore cycle, the PJSIP TLS setup reverts to this:

What is causing the certificate to be un-selected?

The result of this is that connections initiated to the warm spare are dropped. When there is a problem with the primary network and the warm spare is in service, we have to log in to it and select the certificate and reload, making this more of a luke-warm spare.

Man, all sorts of Warm spare issues experienced and reported recently. Wouldn’t be surprised if this wasn’t just another issue with the backup module.


I added a hacky cron job to set the certificate each morning and reload. :-1:

0 5 * * * /usr/sbin/fwconsole kvstore --action set --key pjsipcertid --value "3" Sipsettings >/dev/null && /usr/sbin/fwconsole r >/dev/null

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.