Conductor XC4.3.2 clustering via TLS

an0000001111
Level 1

Hi Community members,

 

I'm wondering if any of you have some experience with clustering the conductors via TLS.

With this major update the TLS enforcement for the verification mode has been activated.

 

However, in the past we used IPSec for clustering two conductors and wanted to switch to TLS.

We requested new certificates with an additional X509 IP entry.

 

When leaving the cluster on "Permissive" verification mode everything works fine. We just get the warning that the server allows an unsecure clustering.

When switching on the primary peer to "Enforce" for using TLS, the local IP OR the FQDN (I know that is not recommended) and certificate are valid. The remote peer is shown as invalid and clustering fails.

The remote peer takes over the change of verification and shows "Enforce" after a page refresh.

The first entry (of the primary peer) is shown as invalid while the second entry (its own IP) is shown as valid.

Both systems can perform a DNS lookup to the remote peer, ping and trace it.

 

Has anyone encountered the same issue? Or has anyone clustered conductors via TLS successfully?
