<div dir="ltr"><div>Hello,</div><div><br></div><div>I am in the process of setting up my first csync2 webserver cluster and it is going pretty well, except I cannot seem to get the servers to communicate when I enable SSL.</div><div><br></div><div>Before filing a bug report, I just want to make sure I am doing everything correctly.</div><div>I am running the latest Ubuntu 12.04 package version of csync2 (1.34-2.2build1).</div><div><br></div><div>1. First I install the csync2 package on both servers in the cluster.</div><div><br></div><div>Server1# sudo apt-get install csync2</div><div>Server2# sudo apt-get install csync2<br></div><div><br></div><div>2. Then I create the certificate file on the primary server.</div><div><div><br></div><div>Server1# sudo openssl genrsa -out /etc/csync2_ssl_key.pem 1024</div><div><br></div><div>Server1# sudo openssl req -new -subj '/C=US/ST=Washington/L=Everett' -key csync2_ssl_key.pem -out csync2_ssl_cert.csr</div><div><br></div><div>Server1# sudo openssl x509 -req -days 600 -in csync2_ssl_cert.csr -signkey csync2_ssl_key.pem -out csync2_ssl_cert.pem</div><div><br></div><div>3. After having setup the certificates, I create the csync2 key by performing the following:</div><div><br></div><div>Server1# sudo csync2 -k /etc/csync2_ssl_cert.key</div></div><div><br></div><div><div>4. Next, I edit the configuration file at /etc/csync2.cfg as follows.</div><div><br></div><div>group website {</div><div>host Server1;</div><div>host Server2;</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div><div><br></div><div>5. Two additional host specific configuration files are then required.</div><div><br></div><div>/etc/csync2_Server1.cfg:</div><div><br></div><div>group server1 { </div><div> host Server1;</div><div> host (Server2);</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div><div><br></div><div>/etc/csync2_Server2.cfg:</div><div><br></div><div>group Server2 {</div><div> host Server2;</div><div> host (Server1);</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div></div><div><br></div><div><div>6. I copy all the configs and certs the first server to rest of the servers:</div><div><br></div><div>Server1# sudo scp /etc/csync2* admin@Server2:/etc/</div></div><div><br></div><div>7. Then I copy the directories I specified in the csync2.cfg over scp so they are identical before we begin.</div><div><br></div><div>8. Once that is done, I try to run a test by running the following commands.</div><div><br></div><div>Server2# sudo csync2 -iii -vvvv</div><div>Server1# sudo csync2 -T -vvvv</div><div><br></div><div><b>---------</b><b>Screen Output</b><b> Server2--------</b></div>Server2# sudo csync2 -iii -vvvv<br>Csync2 daemon running. Waiting for connections.<br><6905> New connection from <a href="http://192.168.57.13:46993">192.168.57.13:46993</a>.<br>Peer> SSL\n<br>Local> OK (activating_ssl).\n<br><6905> Establishing SSL connection failed.<div><b>-------End-------</b></div><div><br></div><div><b>-------Screen Output Server1-------</b></div><div>Server1# sudo csync2 -T -vvvv<b><br></b></div>
My hostname is Server1.<br>Database-File: /var/lib/csync2/Server1.db<br>Config-File: /etc/csync2.cfg<br>Running in-sync check for Server1 <-> Server2.<br>Connecting to host Server2 (SSL) ...<br>Local> SSL\n<br>Peer> OK (activating_ssl).\n<br>Establishing SSL connection failed. <div><b>-------End-------</b><br></div><div><br></div><div>Like I mentioned earlier, if I remove SSL it starts working fine. <br></div><div>Am I missing a step in my setup? or is there another location or log I should be looking at?<br></div><div><br></div><div>Any help would be greatly appreciated. </div><div><br></div><div>Thank you!</div>
<div><br></div><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><a href="http://www.everettcc.edu/" style="font-family:Helvetica,Arial,sans-serif;font-size:10px;line-height:12px;color:rgb(142,199,126);text-decoration:none" target="_blank"><img src="https://www.filepicker.io/api/file/p1r42iASEGHkHX8ViGVo/convert?w=150&h=55&fit=clip" alt="Everett Community College" border="0" style="max-width: 100%; vertical-align: middle; border: 0px;"></a><br><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Alex Zimmerman</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">/</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Information Technology Specialist III</span></div><div dir="ltr"><font color="#666666" face="Helvetica, Arial, sans-serif"><span style="font-size:10px;line-height:12px">Web Data & Development Services</span></font><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">/</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> Enterprise Services / Information Security </font><font color="#666666" face="Helvetica, Arial, sans-serif"><span style="font-size:10px;line-height:12px"><br></span></font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Direct line:<a href="tel:%28425%29%20259-8724" value="+14252598724" style="color:rgb(17,85,204)" target="_blank">(425) 259-8724</a> / </span><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Help Desk:<a href="tel:%28425%29388%209333" value="+14253889333" style="color:rgb(17,85,204)" target="_blank">(425)388 9333</a></span><br><font color="#666666" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:12.8px"><span style="font-size:10px">email:</span><span style="font-size:10px"> </span></font><font color="#ff0000" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"><font color="#ff0000"><font color="#ff0000"><a href="mailto:azimmerman@everettcc.edu" style="color:rgb(17,85,204);text-decoration:none" target="_blank"><font color="#ff0000">azimmerman@everettcc.edu</font></a> </font></font></font><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><a href="http://www.twitter.com/liquidspikes" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;color:rgb(142,199,126);font-size:10px;text-decoration:none" target="_blank"><img src="http://3sparks.net/signature/images/social/twitter-2.png" alt="Twitter" style="max-width: 100%; vertical-align: middle; border: 0px;"></a><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><a href="http://www.linkedin.com/in/alexzimmerman/" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;color:rgb(142,199,126);font-size:10px;text-decoration:none" target="_blank"><img src="http://3sparks.net/signature/images/social/linkedin.png" alt="Linkedin" style="max-width: 100%; vertical-align: middle; border: 0px;"></a><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><br><b style="color:rgb(255,0,0);font-family:'comic sans ms',sans-serif;font-size:x-small">How did I do? Please take a minute to help us improve our IT service by completing the </b><br><b style="color:rgb(255,0,0);font-family:'comic sans ms',sans-serif;font-size:x-small"><a href="http://goo.gl/J3nGC" style="color:rgb(17,85,204)" target="_blank">IT Feedback Survey.</a> (<u><a href="http://goo.gl/J3nGC" style="color:rgb(17,85,204)" target="_blank">http://goo.gl/J3nGC</a>)</u></b><br><div><div><div><div><div><font size="1" face="'comic sans ms', sans-serif" color="#ff0000"><b>Thank you!</b></font></div></div></div></div></div><div><div><font face="'comic sans ms', sans-serif" size="1"><b><font color="#3333ff"></font></b></font></div></div></div></div></div></div></div></div></div></div>
</div>