[Spce-user] Can't connect to 127.0.0.1:1442 (certificate verify failed)
Alex Lutay
alutay at sipwise.com
Mon Jun 6 05:43:35 EDT 2016
Hi all,
On 06/04/2016 04:25 PM, Serge Yuriev wrote:
> Subject:Cron <root at host> if /usr/sbin/ngcp-check_active -q; then /usr/sbin/ngcp-fraud-daily-lock; fi
It means you have selfsigned certificate.
As some components were switch to internal REST API the trusted cert is
really mandatory now. Leaving in a world on corporate PRO/Carrier
solutions we missed the fact of spce@ insecure users.
It is HIGHLY recommended to use option
> security > ngcp-panel > scripts > restapi > sslverify
in TEST env ONLY, for any kind of production setup the trusted
certificate is MUST have. They are free nowadays and requires
15 minutes to achieve/install one.
I highly recommend you to use trusted certificate from
https://letsencrypt.org or https://www.startssl.com
or other companies. It is 2016 year nowadays, and all Debian Jessie
libraries forces us to use trusted SSL connections.
Please follow the advice.
P.S. I have added SSL trusted cert requirements on mr4.3.1 release notes
I will improve ngcp-upgrade to check certificates and warn spce@ users
about selfsigned certs before the upgrade. Tnx for understanding!
----
>> 502 Bad Gateway <html>
It means ngcp-panel did not start.
please check ngcp-panel log for more information.
--
Alex Lutay
More information about the Spce-user
mailing list