01-25-2024 05:33 AM
Hello.
I have cluster with Pub and one Sub. Sub is completely damaged after power failure, Recovery by fsck do not resolved problem. I'm gonna re-build Sub from scratch with same DNS name. Should I first remove it from Pub and add as new with same DNS name or just install? I'm not sure if Pub has old Sub SSH key and use it during nodes connection.
Regards
Solved! Go to Solution.
01-25-2024 05:38 AM
You don't need to remove and re-add the subscriber from the publisher as long as you will be rebuilding using the same name and IP address. If the old subscriber had a CA signed certificate for Tomcat, you will need to generate a new CSR and get that re-issued. Don't forget to upload any required tomcat-trust certificates for the relevant CA's.
01-25-2024 05:38 AM
You don't need to remove and re-add the subscriber from the publisher as long as you will be rebuilding using the same name and IP address. If the old subscriber had a CA signed certificate for Tomcat, you will need to generate a new CSR and get that re-issued. Don't forget to upload any required tomcat-trust certificates for the relevant CA's.
01-25-2024 07:38 AM - edited 01-25-2024 07:39 AM
@Elliot Dierksen If the OP is planning to do a DRS restore there should be no need to create any new CSR. Also if the OP uses a multi SAN certificate for Tomcat there should be no need to create anything new in regards to certificates.
@Hermozol I would recommend you to look into doing a DRS restore if you are not heading in that direction already. With that you'll get back to the as where before state with as little hassle as possible.
01-25-2024 08:57 AM
If the server is using a multi SAN certificate, you will either have to do a DRS restore or redo the CSR for the MSAN certificate. It will not automatically propagate to the added subscriber. Unfortunately I have first hand experience with that...
01-25-2024 01:01 PM - edited 01-25-2024 11:24 PM
That why I advocate to go down the DRS route as that is the best way to restore the subscriber with all the files and options.
01-25-2024 11:07 PM
Thank you for your confirmation. This is what I expected because I don't think there is a private key propagation mechanism.
01-25-2024 06:38 AM
As @Elliot Dierksen commented, You can skip deleting the Sub from CUCM publisher if you are using the same IP and hostname. Just proceed with the Sub installation.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide