On Wed, Nov 30, 2022 at 02:05:20AM +0000, chengyechun wrote: > I'm testing the IPv4 and IPv6 dual-stack mode. That is, two certificates are > configured on the server. One certificate is generated by the IPv4 network > port and the other certificate is generated by the IPv6 network port. There > are two clients. If the IPv4 certificate is placed on the IPv6 certificate, > the IPv4 client can be authenticated successfully, but the IPv6 client cannot > pass the TLS authentication.
Do the certificates contain a different name? If there are multiple certificates with the same name, the server will provide only one the clients. > This is strange. Although the bindaddress parameter does not support IPv4 and > IPv6 at the same time You can have two bindaddress directives in the config, one for IPv4 and one for IPv6. > the ntsservercert parameter can be set to multiple values. Is there any > impact between these two parameters? > The following figure shows the configuration of the server. It's not clear to me why you need two certificates and what it has to do with IPv4 vs IPv6. -- Miroslav Lichvar -- To unsubscribe email chrony-users-requ...@chrony.tuxfamily.org with "unsubscribe" in the subject. For help email chrony-users-requ...@chrony.tuxfamily.org with "help" in the subject. Trouble? Email listmas...@chrony.tuxfamily.org.
