I went ahead and did what I thought was right and it indeed works. The auto detection of multiple DNS records is a very neat feature. Very COOL!
thanks Wesley Craig wrote: > On 27 Feb 2008, at 12:29, Paul M Fleming wrote: >> How do you setup the filter CosignHostname and cgi "set cosignhost" to >> point to both replicas? multiple A records don't work in my current >> setup because the cosignd cert cn matches the individual host names. If >> you use multiple A records how do you specify the replica (-h option) >> and make the cert cn / hostname checks happy? > > monster & cosignd are able to detect when they are talking to themselves. > >> If I read the code correctly is this the correct solution? >> >> cosign.foo.bar IN A 1.1.1.1 >> IN A 1.1.1.2 >> >> 1.1.1.1 & 1.1.1.2 cosignd cert cn set to cosign.foo.bar >> >> set cosignhost and CosignHostname set to cosign.foo.bar >> cosignd and monster -h set to cosign.foo.bar >> >> Is this correct? > > Yup. > > :wes ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
