[Csync2] Certificate setup
Valentin Vidic
Valentin.Vidic at CARNet.hr
Thu Jun 16 13:32:52 CEST 2016
Hi,
I would like to know what is the expected setup of
certificates for csync2?
The only setup that works for me is using the same
certificate on all hosts. If the certs are not
the same the connection fails with an error on
the server:
csync2[14532]: SSL: handshake failed: No certificate was found. (GNUTLS_E_NO_CERTIFICATE_FOUND)
Looking at the TLS connection the server requests
the client certificate and uses it's own certificate
as CA. If the client doesn't have the same cert
it sends an empty certificate (length = 0).
So it seems it will only work if all the servers
have the same cert (or same CA). However all the
documentation I found suggests the certs can be
generated independently on all hosts and get
stored on the first connection.
--
Valentin
More information about the Csync2
mailing list