key > Thanks for reply. I will explain my environment as it is quite bit different > then usual setup. I am using gluster 3.4. > For now i am using gluster to sync 2 servers - both have bricks attached - so > i can say that they both are servers and clients (let say master-master > config) - i need this setup to ensure that when one node goes offline, files > are still intact - i have that setup on other environments with more nodes > and it works great (thus on them gluster works via vpn). > To be exact: on both servers there is local “brick” and it is mounted by: > > mount -t glusterfs host-X:/gv0 /mnt/gv0 > > so even when last replica goes offline, files are still there for last > running server. > > Answering your question: yes certs are properly installed - i have tried > various combinations - but now i am not sure if my config do not make > confusion for the glusterfs. > > What do you think?
Assuming that your keys/certs were generated something like this... openssl genrsa -out $SSL_KEY 1024 openssl req -new -x509 -key $SSL_KEY -subj /CN=Anyone -out $SSL_CERT ...and that the following relationships apply... glusterfs.pem and glusterfs.key match on each host glusterfs.pem on host-X == glusterfs.ca on host-Y glusterfs.pem on host-Y == glusterfs.ca on host-X ...then there's no obvious reason it wouldn't work. First thing I'd consider is whether something like SELinux is preventing access to those files (perhaps using strace to verify). Another thing to try would be to use s_server and s_client (part of the OpenSSL package) to ensure that *they* can work with those files. Lastly, _______________________________________________ Gluster-devel mailing list Gluster-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/gluster-devel
