06-05-2014 05:29 PM - edited 03-16-2019 11:01 PM
Hello Everyone,
I have an issue where I have some certs that were installed in the cluster (IPsec-trust, TVS-trust, Tomcat-trust, i.e.) When I delete these off the pub and the subs, they keep coming back. I have turned off replication and TVS services, but as soon as I delete these certs they come back. Is there something such as a service that I should be shutting down that I am not??
Can anyone tell me what I am doing wrong? I can't figure this out to save my life.
Thanks in advance for any help!!
Regards!
Bob
06-06-2014 05:21 AM
The eg tomcat certificates of the other nodes in the cluster are automatically imported as tomcat-trust and similar.
You could check the serial numbers to check if this is the case.
06-06-2014 06:28 AM
These are most likely self signed certs which are required if you don't upload CA signed certs. You can look at the certs to validate who signed them.
Chris
08-14-2014 06:21 PM
I found the correct services that need to be turned off to be able to delete certs and not have them automatically be replicated from the cluster. The services are as follows:
Stop the Cisco Certificate Expiry Monitor and Cisco Certificate Change Notification services on all of the servers in the cluster
Refer to this Cisco document...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide