10-01-2020 01:28 PM - edited 10-01-2020 01:37 PM
Hi Dears
I want to make cluster of expressway e & c , for the C servers, i done have any problem, and they clustered, but when i want to cluster the e servers, they can't cluster together, and it showing error on cluster of expressway e:
certificate: invalid
clustering:failed
they are same version and they have same option keys and i generate certificate with cluster fqdn name and peer1 fqdn name and peer 2
i set a record dns for cluster name and two expressways in internal dns
i don't know what's the problem
10-01-2020 01:35 PM - edited 10-01-2020 01:57 PM
If you test name resolution on the Es can they resolve all the names in your cluster configuration?
10-01-2020 01:59 PM
10-01-2020 10:14 PM - edited 10-02-2020 12:21 AM
What about the cluster members names, can Es resolve them? I’ll have to check the configuration guide, but I’m fairly certain that the cluster name should not resolve to both the IPs of what I assume is your Es public IPs. If it would be the internal and external IPs that resolve then your not doing this correctly.
10-02-2020 12:18 AM
The configuration guide for how to form a cluster is pretty well written. Have a read though and try again, it shouldn't be to hard to get the cluster formed if you follow the outline.
10-01-2020 10:18 PM
You have two mode on expressway clustering page for TLS. Permissive and enforced. Use permissive till you have a proper certificate. Once certificates are as per requirement then change it to enforced.
You can follow the below link to generate proper csr for your cluster.
https://video.cisco.com/video/5809964179001
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide