Hello, I am in the process of setting up my first csync2 webserver cluster and it is going pretty well, except I cannot seem to get the servers to communicate when I enable SSL.
Before filing a bug report, I just want to make sure I am doing everything correctly. I am running the latest Ubuntu 12.04 package version of csync2 (1.34-2.2build1).

1. First I install the csync2 package on both servers in the cluster.

    Server1# sudo apt-get install csync2
    Server2# sudo apt-get install csync2

2. Then I create the certificate file on the primary server.

    Server1# sudo openssl genrsa -out /etc/csync2_ssl_key.pem 1024
    Server1# sudo openssl req -new -subj '/C=US/ST=Washington/L=Everett' -key csync2_ssl_key.pem -out csync2_ssl_cert.csr
    Server1# sudo openssl x509 -req -days 600 -in csync2_ssl_cert.csr -signkey csync2_ssl_key.pem -out csync2_ssl_cert.pem

3. After having set up the certificates, I create the csync2 key by performing the following:

    Server1# sudo csync2 -k /etc/csync2_ssl_cert.key

4. Next, I edit the configuration file at /etc/csync2.cfg as follows.

    group website {
        host Server1;
        host Server2;
        key /etc/csync2_ssl_cert.key;
        include /var/www/;
        include /opt/coldfusion10/cfusion/CustomTags;
        include /opt/coldfusion10/cfcs;
        auto none;
    }

5. Two additional host-specific configuration files are then required.

    /etc/csync2_Server1.cfg:

    group server1 {
        host Server1;
        host (Server2);
        key /etc/csync2_ssl_cert.key;
        include /var/www/;
        include /opt/coldfusion10/cfusion/CustomTags;
        include /opt/coldfusion10/cfcs;
        auto none;
    }

    /etc/csync2_Server2.cfg:

    group Server2 {
        host Server2;
        host (Server1);
        key /etc/csync2_ssl_cert.key;
        include /var/www/;
        include /opt/coldfusion10/cfusion/CustomTags;
        include /opt/coldfusion10/cfcs;
        auto none;
    }

6. I copy all the configs and certs from the first server to the rest of the servers:

    Server1# sudo scp /etc/csync2* admin@Server2:/etc/

7. Then I copy the directories I specified in the csync2.cfg over scp so they are identical before we begin.

8. Once that is done, I try to run a test by running the following commands.

    Server2# sudo csync2 -iii -vvvv
    Server1# sudo csync2 -T -vvvv

--------- Screen Output Server2 ---------

    Server2# sudo csync2 -iii -vvvv
    Csync2 daemon running. Waiting for connections.
    <6905> New connection from 192.168.57.13:46993.
    Peer> SSL\n
    Local> OK (activating_ssl).\n
    <6905> Establishing SSL connection failed.

--------- End ---------

--------- Screen Output Server1 ---------

    Server1# sudo csync2 -T -vvvv
    My hostname is Server1.
    Database-File: /var/lib/csync2/Server1.db
    Config-File: /etc/csync2.cfg
    Running in-sync check for Server1 <-> Server2.
    Connecting to host Server2 (SSL) ...
    Local> SSL\n
    Peer> OK (activating_ssl).\n
    Establishing SSL connection failed.

--------- End ---------

Like I mentioned earlier, if I remove SSL it starts working fine. Am I missing a step in my setup? Or is there another location or log I should be looking at?

Any help would be greatly appreciated.

Thank you!

Alex Zimmerman / Information Technology Specialist III
Web Data & Development Services / Enterprise Services / Information Security
Everett Community College
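
Added example, not part of the original post: a pre-flight check for the key and certificate created in step 2, to run on each server before testing the SSL connection. It assumes csync2 reads the pair from /etc/csync2_ssl_key.pem and /etc/csync2_ssl_cert.pem; the function name and return codes are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post): verify a csync2 TLS key/cert pair.
# Default paths are an assumption: the key path is the one used in step 2,
# the certificate path is the matching name under /etc.
#
# check_csync2_ssl_pair [KEY] [CERT]   (hypothetical helper name)
# Returns 0 = usable, 2 = file missing, 3 = file does not parse,
#         4 = certificate does not belong to key, 5 = certificate expired.
check_csync2_ssl_pair() {
    key=${1:-/etc/csync2_ssl_key.pem}
    cert=${2:-/etc/csync2_ssl_cert.pem}

    for f in "$key" "$cert"; do
        if [ ! -r "$f" ]; then
            echo "FAIL: $f is missing or unreadable" >&2
            return 2
        fi
    done

    # Both files must parse as what they claim to be.
    if ! openssl pkey -in "$key" -noout 2>/dev/null; then
        echo "FAIL: $key is not a valid private key" >&2
        return 3
    fi
    if ! openssl x509 -in "$cert" -noout 2>/dev/null; then
        echo "FAIL: $cert is not a valid X.509 certificate" >&2
        return 3
    fi

    # The public key derived from the private key must equal the one embedded
    # in the certificate; a mismatched pair cannot be used for TLS.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null | openssl sha256)
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null | openssl sha256)
    if [ "$key_pub" != "$cert_pub" ]; then
        echo "FAIL: $cert was not issued for $key" >&2
        return 4
    fi

    # -checkend 0 exits non-zero when the certificate has already expired.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: $cert has expired" >&2
        return 5
    fi

    # Warn (do not fail) when the private key is accessible by group or others.
    perms=$(ls -ld "$key" | cut -c5-10)
    [ "$perms" = "------" ] || echo "WARN: $key permissions allow group/other access" >&2

    echo "OK: $cert matches $key"
    return 0
}
```

Calling check_csync2_ssl_pair with no arguments checks the assumed default paths; pass two paths to check a pair stored elsewhere.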