./sgtlstool.sh -c ../config/tlsconfig.yml -ca -crt
Generated certificates on both nodes using same configuration
------tlsconnfig.yml------
###
### Self-generated certificate authority
###
#
# If you want to create a new certificate authority, you must specify its parameters here.
# You can skip this section if you only want to create CSRs
#
ca:
root:
dn: CN=root.ca.example.com,OU=CA,O=Example Com\, Inc.,DC=example,DC=com
keysize: 2048
pkPassword: changeit
validityDays: 3650
file: root-ca.pem
nodes:
- name: node1
dn: CN=node1.example.com,OU=Ops,O=Example Com\, Inc.,DC=example,DC=com
dns: node1.example.com
ip: 10.240.0.6
- name: node2
dn: CN=node2.example.com,OU=Ops,O=Example Com\, Inc.,DC=example,DC=com
dns: node2.example.com
ip: 10.240.0.9
clients:
- name: spock
dn: CN=spock.example.com,OU=Ops,O=Example Com\, Inc.,DC=example,DC=com
- name: kirk
dn: CN=kirk.example.com,OU=Ops,O=Example Com\, Inc.,DC=example,DC=com
admin: true
TLS error only happens if both nodes are running. No errors if i stop either of a node. Certificates are working fine on both the nodes independently but not with
discovery.zen.ping.unicast.hosts: ["31.239.124.150", "31.238.130.20"]
I have sent a logs to in...@search-guard.com as i can't attach here
Thanks
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/85aac7b7-ef8b-4af8-b048-fff6ecc79b1d%40googlegroups.com.--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.