cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
206
Views
5
Helpful
2
Replies
Highlighted
Beginner

New Subscriber does not have multi-san certificate

Hi guys,

In the existing cluster there is multi-san tomcat certificate given by CA. New added subscriber only taken tomcat-trust, but does not have the same tomcat certificate. It is using self-signed tomcat certificate. I cant upload multisan tomcat certificate, it seems have to generate csr.

What is the solution for the case?

Regenerating clusterwide multisan certificate and upload to publisher again? Will it distribute certificate and new subscriber get new one?

 

Regards

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Cisco Employee

Re: New Subscriber does not have multi-san certificate

All that is completely expected, the multi-SAN certificate is only distributed to servers which were already part of the cluster and the CSR generation includes them all by default. 

 

So, yes, you'd need to go through the multi-san CSR procedure again if you want that new server to also use a multi-san certificate.

HTH

java

if this helps, please rate

View solution in original post

2 REPLIES 2
Hall of Fame Cisco Employee

Re: New Subscriber does not have multi-san certificate

All that is completely expected, the multi-SAN certificate is only distributed to servers which were already part of the cluster and the CSR generation includes them all by default. 

 

So, yes, you'd need to go through the multi-san CSR procedure again if you want that new server to also use a multi-san certificate.

HTH

java

if this helps, please rate

View solution in original post

Beginner

Re: New Subscriber does not have multi-san certificate

Thanks for the quick answer Jaime. So Single CSR for all servers, correct?
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards
This widget could not be displayed.