Stefan Kania
2024-Jan-26 18:12 UTC
[Gluster-users] Gluster communication via TLS client problem
Hi Aravinda Am 26.01.24 um 17:01 schrieb Aravinda:> Does the combined glusterfs.ca includes client nodes pem? Also this file > need to be placed in Client node as well.Yes, I put all the Gluster-node Certificates AND the client certificate into the glusterfs.ca file. And I put the file to all gluster-nodes and clients. I did it twice (delete all certificate and restart all over)the result was always the same. Stefan -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3477 bytes Desc: Kryptografische S/MIME-Signatur URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20240126/1705993d/attachment.p7s>
Strahil Nikolov
2024-Jan-28 07:44 UTC
[Gluster-users] Gluster communication via TLS client problem
Usually with Certificates it's always a pain.I would ask you to regenerate the certificates but by adding the FQDN of the system and the IP used by the clients to reach the brick in 'SANS' section of the cert. Also, set the validity to 365 days for the test. Best Regards,Strahil Nikolov On Fri, Jan 26, 2024 at 21:37, Stefan Kania<stefan at kania-online.de> wrote: Hi Aravinda Am 26.01.24 um 17:01 schrieb Aravinda:> Does the combined glusterfs.ca includes client nodes pem? Also this file > need to be placed in Client node as well.Yes, I put all the Gluster-node Certificates AND the client certificate into the glusterfs.ca file. And I put the file to all gluster-nodes and clients. I did it twice (delete all certificate and restart all over)the result was always the same. Stefan -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20240128/6ed149c6/attachment.html>