Hi,

I would like to know what is the expected setup of
certificates for csync2?

The only setup that works for me is using the same
certificate on all hosts. If the certs are not
the same the connection fails with an error on
the server:

  csync2[14532]: SSL: handshake failed: No certificate was found. 
(GNUTLS_E_NO_CERTIFICATE_FOUND)

Looking at the TLS connection the server requests
the client certificate and uses it's own certificate
as CA.  If the client doesn't have the same cert
it sends an empty certificate (length = 0).

So it seems it will only work if all the servers
have the same cert (or same CA). However all the
documentation I found suggests the certs can be
generated independently on all hosts and get
stored on the first connection.

-- 
Valentin
_______________________________________________
Csync2 mailing list
Csync2@lists.linbit.com
http://lists.linbit.com/mailman/listinfo/csync2

Reply via email to