Hi, Benjamin, Please try the certs in the attachment. To use those certs, you have to change the name of your cluster to "MyCluster".
Or you can modify the template files in the attachment then use them when you use the certtool (with --template xxx.tmp). Please note that the CN in both client and server cert should be same as the cluster name. Tell me the result. Thanks! On 5/10/07, Benjamin Lawetz <[EMAIL PROTECTED]> wrote:
I've been trying to get the quorum server to work for the past couple of days. But whenever I launch heartbeat I juste get on the quorumd server logs: May 8 14:50:42 quorumd: [10151]: WARN: handshake failed May 8 14:50:42 quorumd: [10151]: ERROR: on_listen tls handshake failed I'm sure it's a stupid problem with the x.509 certificates, but tried and retried to generate them but to no avail. I've tried looking at the heartbeat logs, but there's so much information and I don't know what I'm looking for. The only part that might match would be: May 8 14:50:44 crmd: [3455]: info: mem_handle_event: Got an event OC_EV_MS_INVALID from ccm May 8 14:50:44 crmd: [3455]: info: mem_handle_event: instance=35, nodes=2, new=2, lost=0, n_idx=0, new_idx=0, old_idx=4 May 8 14:50:44 crmd: [3455]: info: crmd_ccm_msg_callback: Quorum lost after event=INVALID (id=35) May 8 14:50:44 crmd: [3455]: ERROR: do_ccm_update_cache: 2 nodes w/o quorum Is there anything essential I might have missed in the certificate creationg? I followed the direction from here: http://www.linux-ha.org/QuorumServerGuide I set the common name to the name of the cluster (the one that shows up in /etc/ha.d/quorumd.conf). I did not set a password for the certificates. Certtool asks alot of questions, answered to the best of my knowledge... I will update the wiki once I figure this out ! -- Benjamin TéliPhone inc. -------------- N'envoyé pas de courriel à l'adresse qui suit, sinon vous serez automatiquement mis sur notre liste noire. [EMAIL PROTECTED] Do not send an email to the email above or you will automatically be blacklisted. _______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
-- Best Regards, Huang Zhen (zhenh) http://www.linux-ha.org/HuangZhen
certs.tgz
Description: GNU Zip compressed data
_______________________________________________ Linux-HA mailing list [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
