[Csync2] Establishing SSL connection failed

Jorge Daniel Sequeira Matias jdsm at ist.utl.pt
Wed Jun 25 01:22:02 CEST 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


  Hello,

  I have gone through the same problem you are having now.
  The problem is that there is a bug somewhere between csync2 and
libgnutls that csync2 uses in handling x.509 certificates generated by
OpenSSL with  "CN" field.
  To go around the problem you must do a 'openssl req' without data in
the "CN" field. This can be achieved no fullfilling that field in the
form, or using option "--batch" in this command. You this option, the
program will not ask for any fields, and will not put a CN field in the
certificate request.

  I have already posted about this problem before and I upgraded my
Debian/sid installation, one year ago, during the summer.

  I hope I have helped.

Regards,
Jorge Matias
CIIST - Centro de Informática do
Instituto Superior Técnico
Universidade Técnica de Lisboa


Michael Mansour escreveu:
> Hi,
> 
> I've built some new servers and installed the latest 1.34 of csync2 on 64 bit
> Scientific Linux 5.1 (RHEL5 U1)
> 
> I've used and administered csync2 for many years on SL4 servers (RHEL4 based)
> and never had any dramas. With these newer SL5.1 servers, I keep getting this
> error:
> 
> Establishing SSL connection failed. 
> 
> and synchronisation of files do not occur.
> 
> I have gone through the process of creating the certificates etc, and the
> above indicates to me that the certificates haven't been put into the sqlite
> database upon the first attempted sync, but I'm not sure how to resolve this.
> 
> Can someone suggest something please?
> 
> Running tests with:
> 
> # csync2 -vvv -T 
> 
> and:
> 
> # csync2 -xvvv 
> 
> shows me what I want to see (SSL connections ok) but files never synchronise
> on the remote host.
> 
> Michael.
> _______________________________________________
> Csync2 mailing list
> Csync2 at lists.linbit.com
> http://lists.linbit.com/mailman/listinfo/csync2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIYYGaUd8C1V21YR4RAijsAJ9p9Mwy1elGMDSSADTDx+7cihGnbQCePknG
gJZLvXefa6qamPAO31p6/DM=
=kw2E
-----END PGP SIGNATURE-----

More information about the Csync2 mailing list