<div dir="ltr">Awesome this worked great!<div><br></div><div>Thank you!</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><br><div dir="ltr"><table width="100%" bgcolor="#ffffff" border="0" cellpadding="0" cellspacing="0" style="color:rgb(0,0,0);font-family:Times;font-size:medium;border:0px"><tbody><tr height="20px" style="font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:10px;height:30px;line-height:12px"></tr><tr style="border:0px;font-family:'Helvetica Neue',Helvetica,Arial,sans-serif;font-size:10px;line-height:12px"><td bgcolor="#f5f5f5" style="border-top-width:8px;border-top-style:solid;border-top-color:rgb(234,234,234);color:rgb(119,119,119);padding:10px 30px 0px"><table width="100%" border="0" cellpadding="0" cellspacing="0" style="border:0px"><tbody><tr style="font-family:'Helvetica Neue',Helvetica,Arial,sans-serif"><td align="left" style="color:rgb(0,0,0)"><strong>Alex Zimmerman</strong> / Information Technology Specialist IV<br><i>Web Data & Development Services / Enterprise Services / Information Security<br></i><a href="http://www.twitter.com/liquidspikes" style="font-family:Helvetica,Arial,sans-serif;color:rgb(142,199,126);text-decoration:none;background-color:rgb(255,255,255)" target="_blank"><img src="http://3sparks.net/signature/images/social/twitter-2.png" alt="Twitter" style="max-width:100%;vertical-align:middle;border:0px"></a><span style="font-family:Helvetica,Arial,sans-serif;color:rgb(178,178,160);background-color:rgb(255,255,255)"> </span><span style="font-family:Helvetica,Arial,sans-serif;color:rgb(178,178,160);background-color:rgb(255,255,255)"> </span><a href="http://www.linkedin.com/in/alexzimmerman/" style="font-family:Helvetica,Arial,sans-serif;color:rgb(142,199,126);text-decoration:none;background-color:rgb(255,255,255)" target="_blank"><img src="http://3sparks.net/signature/images/social/linkedin.png" alt="Linkedin" style="max-width:100%;vertical-align:middle;border:0px"></a><br></td></tr><tr style="font-family:'Helvetica Neue',Helvetica,Arial,sans-serif"><td width="100%"><hr style="border-bottom-style:solid;border-bottom-color:rgb(228,228,228);border-top-style:none;margin-bottom:5px;margin-top:5px"></td></tr><tr style="font-family:'Helvetica Neue',Helvetica,Arial,sans-serif"></tr></tbody></table><table width="70%" align="left" border="0" cellpadding="0" cellspacing="0" style="border:0px;margin-bottom:10px"><tbody><tr><td align="left" style="color:rgb(0,0,0)"><strong>Direct line: <a href="tel:4252598724" style="color:rgb(119,119,119);text-decoration:none" target="_blank">(425)259-8724</a><br>IT HelpDesk: <a href="tel:4253889333" style="color:rgb(119,119,119);text-decoration:none" target="_blank">(425)388-9333</a><br>Email: <a href="mailto:azimmerman@everettcc.edu" style="color:rgb(119,119,119);text-decoration:none" target="_blank">azimmerman@everettcc.edu</a></strong><br><br><strong>How did I do?</strong><br>Please take a minute to help us improve by completing the IT Feedback Survey. (<a href="http://goo.gl/J3nGC" style="color:rgb(119,119,119);text-decoration:none" target="_blank">http://goo.gl/J3nGC</a>) Thank you!</td></tr></tbody></table><table width="30%" align="right" border="0" cellpadding="0" cellspacing="0" style="border:0px"><tbody><tr><td align="right" style="color:rgb(0,0,0)"><a href="http://www.everettcc.edu" style="color:rgb(119,119,119);text-decoration:none" target="_blank"><img src="https://drive.google.com/uc?id=0B7eLqCFtBr5ZbzVuLXBlNkNKQ2s" alt="Everett CC logo" style="border:0px;height:auto;max-height:38px;max-width:100%;padding-left:10px;padding-top:6px"></a></td></tr></tbody></table></td></tr></tbody></table></div><div dir="ltr"><br></div><div dir="ltr"><div><div><font face="'comic sans ms', sans-serif" size="1"><b><font color="#3333ff"></font></b></font></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Mon, Dec 7, 2015 at 3:08 AM, Rabin Yasharzadehe <span dir="ltr"><<a href="mailto:rabin@isoc.org.il" target="_blank">rabin@isoc.org.il</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif">I had this problem, there is a bug with openssl when using CN, skip this part when creating the csr file.
<ul><li> see: <a rel="nofollow" href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501289" target="_blank">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501289</a></li></ul></div></div><div class="gmail_extra"><br clear="all"><div><div><div dir="ltr"><br><br><span style="font-family:monospace">--<br>Rabin</span></div></div></div>
<br><div class="gmail_quote">On Sat, Dec 5, 2015 at 2:42 AM, Alex Zimmerman <span dir="ltr"><<a href="mailto:azimmerman@everettcc.edu" target="_blank">azimmerman@everettcc.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hello,</div><div><br></div><div>I am in the process of setting up my first csync2 webserver cluster and it is going pretty well, except I cannot seem to get the servers to communicate when I enable SSL.</div><div><br></div><div>Before filing a bug report, I just want to make sure I am doing everything correctly.</div><div>I am running the latest Ubuntu 12.04 package version of csync2 (1.34-2.2build1).</div><div><br></div><div>1. First I install the csync2 package on both servers in the cluster.</div><div><br></div><div>Server1# sudo apt-get install csync2</div><div>Server2# sudo apt-get install csync2<br></div><div><br></div><div>2. Then I create the certificate file on the primary server.</div><div><div><br></div><div>Server1# sudo openssl genrsa -out /etc/csync2_ssl_key.pem 1024</div><div><br></div><div>Server1# sudo openssl req -new -subj '/C=US/ST=Washington/L=Everett' -key csync2_ssl_key.pem -out csync2_ssl_cert.csr</div><div><br></div><div>Server1# sudo openssl x509 -req -days 600 -in csync2_ssl_cert.csr -signkey csync2_ssl_key.pem -out csync2_ssl_cert.pem</div><div><br></div><div>3. After having setup the certificates, I create the csync2 key by performing the following:</div><div><br></div><div>Server1# sudo csync2 -k /etc/csync2_ssl_cert.key</div></div><div><br></div><div><div>4. Next, I edit the configuration file at /etc/csync2.cfg as follows.</div><div><br></div><div>group website {</div><div>host Server1;</div><div>host Server2;</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div><div><br></div><div>5. Two additional host specific configuration files are then required.</div><div><br></div><div>/etc/csync2_Server1.cfg:</div><div><br></div><div>group server1 { </div><div> host Server1;</div><div> host (Server2);</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div><div><br></div><div>/etc/csync2_Server2.cfg:</div><div><br></div><div>group Server2 {</div><div> host Server2;</div><div> host (Server1);</div><div> key /etc/csync2_ssl_cert.key;</div><div> include /var/www/;</div><div> include /opt/coldfusion10/cfusion/CustomTags;</div><div> include /opt/coldfusion10/cfcs;</div><div> auto none;</div><div>}</div></div><div><br></div><div><div>6. I copy all the configs and certs the first server to rest of the servers:</div><div><br></div><div>Server1# sudo scp /etc/csync2* admin@Server2:/etc/</div></div><div><br></div><div>7. Then I copy the directories I specified in the csync2.cfg over scp so they are identical before we begin.</div><div><br></div><div>8. Once that is done, I try to run a test by running the following commands.</div><div><br></div><div>Server2# sudo csync2 -iii -vvvv</div><div>Server1# sudo csync2 -T -vvvv</div><div><br></div><div><b>---------</b><b>Screen Output</b><b> Server2--------</b></div>Server2# sudo csync2 -iii -vvvv<br>Csync2 daemon running. Waiting for connections.<br><6905> New connection from <a href="http://192.168.57.13:46993" target="_blank">192.168.57.13:46993</a>.<br>Peer> SSL\n<br>Local> OK (activating_ssl).\n<br><6905> Establishing SSL connection failed.<div><b>-------End-------</b></div><div><br></div><div><b>-------Screen Output Server1-------</b></div><div>Server1# sudo csync2 -T -vvvv<b><br></b></div>
My hostname is Server1.<br>Database-File: /var/lib/csync2/Server1.db<br>Config-File: /etc/csync2.cfg<br>Running in-sync check for Server1 <-> Server2.<br>Connecting to host Server2 (SSL) ...<br>Local> SSL\n<br>Peer> OK (activating_ssl).\n<br>Establishing SSL connection failed. <div><b>-------End-------</b><br></div><div><br></div><div>Like I mentioned earlier, if I remove SSL it starts working fine. <br></div><div>Am I missing a step in my setup? or is there another location or log I should be looking at?<br></div><div><br></div><div>Any help would be greatly appreciated. </div><div><br></div><div>Thank you!</div>
<div><br></div><div><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><a href="http://www.everettcc.edu/" style="font-family:Helvetica,Arial,sans-serif;font-size:10px;line-height:12px;color:rgb(142,199,126);text-decoration:none" target="_blank"><img alt="Everett Community College" style="max-width:100%;vertical-align:middle;border:0px" border="0"></a><br><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Alex Zimmerman</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">/</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Information Technology Specialist III</span></div><div dir="ltr"><font color="#666666" face="Helvetica, Arial, sans-serif"><span style="font-size:10px;line-height:12px">Web Data & Development Services</span></font><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> </font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">/</span><font style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px"> Enterprise Services / Information Security </font><font color="#666666" face="Helvetica, Arial, sans-serif"><span style="font-size:10px;line-height:12px"><br></span></font><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Direct line:<a href="tel:%28425%29%20259-8724" value="+14252598724" style="color:rgb(17,85,204)" target="_blank">(425) 259-8724</a> / </span><span style="color:rgb(102,102,102);font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px">Help Desk:<a href="tel:%28425%29388%209333" value="+14253889333" style="color:rgb(17,85,204)" target="_blank">(425)388 9333</a></span><br><font style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:12.8px" color="#666666"><span style="font-size:10px">email:</span><span style="font-size:10px"> </span></font><font style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px" color="#ff0000"><font color="#ff0000"><font color="#ff0000"><a href="mailto:azimmerman@everettcc.edu" style="color:rgb(17,85,204);text-decoration:none" target="_blank"><font color="#ff0000">azimmerman@everettcc.edu</font></a> </font></font></font><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><a href="http://www.twitter.com/liquidspikes" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;color:rgb(142,199,126);font-size:10px;text-decoration:none" target="_blank"><img alt="Twitter" style="max-width:100%;vertical-align:middle;border:0px"></a><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><a href="http://www.linkedin.com/in/alexzimmerman/" style="font-family:Helvetica,Arial,sans-serif;line-height:12px;color:rgb(142,199,126);font-size:10px;text-decoration:none" target="_blank"><img alt="Linkedin" style="max-width:100%;vertical-align:middle;border:0px"></a><span style="font-family:Helvetica,Arial,sans-serif;line-height:12px;font-size:10px;color:rgb(178,178,160)"> </span><br><b style="color:rgb(255,0,0);font-family:'comic sans ms',sans-serif;font-size:x-small">How did I do? Please take a minute to help us improve our IT service by completing the </b><br><b style="color:rgb(255,0,0);font-family:'comic sans ms',sans-serif;font-size:x-small"><a href="http://goo.gl/J3nGC" style="color:rgb(17,85,204)" target="_blank">IT Feedback Survey.</a> (<u><a href="http://goo.gl/J3nGC" style="color:rgb(17,85,204)" target="_blank">http://goo.gl/J3nGC</a>)</u></b><br><div><div><div><div><div><font color="#ff0000" face="'comic sans ms', sans-serif" size="1"><b>Thank you!</b></font></div></div></div></div></div><div><div><font face="'comic sans ms', sans-serif" size="1"><b><font color="#3333ff"></font></b></font></div></div></div></div></div></div></div></div></div></div>
</div>
<br>_______________________________________________<br>
Csync2 mailing list<br>
<a href="mailto:Csync2@lists.linbit.com" target="_blank">Csync2@lists.linbit.com</a><br>
<a href="http://lists.linbit.com/mailman/listinfo/csync2" rel="noreferrer" target="_blank">http://lists.linbit.com/mailman/listinfo/csync2</a><br>
<br></blockquote></div><br></div>
</blockquote></div><br></div>