06-08-2020 09:56 PM
I just upgraded three VCSc systems and clustered them. Getting TLS verification alarms.
Not using TLS.
Peer one is an old appliance running X8.8.2
Peer two is a new VM running X8.8.2
Peer three is a new VM running X8.8.2
The Peer one is the master.
Verified clustering is Active on each peer.
the Master one suggesting to change TLS mode to Enforcing.
When I did that the cluster link failed and turned it back off.
Cluster peers went green but still getting the TLS alarm raised.
06-08-2020 11:01 PM - edited 06-09-2020 01:09 AM
Please take a screenshot of your cluster configuration and share it. Do you have CA signed server certificates on all the cluster nodes and does all nodes have the CA root and if applicable intermediate certificate(s) in its CA trust store (Trusted CA certificate page)?
06-09-2020 12:10 AM
Hi,
Came across this bug
06-09-2020 02:31 AM
NOTE: The cluster is set in the permissive mode .. Not running TLS at the moment.
Looks like it's the bug that was identified earlier ...
We plan to enable TLS later in the year
So it appears the cluster is in fact working just getting the raised alarm looking for TLS Verification.
06-09-2020 04:23 AM
Please note that if you want to run TLS verification mode Enforce you need to have CA signed certificates for each node in the cluster and you need to use resolvable FQDN names in cluster configuration.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide