[Kea-users] kea-2.2.0 - HA cluster - communication between stork and dhcp4 gets lost
Stefan G. Weichinger
lists at xunil.at
Mon Jul 3 11:53:03 UTC 2023
Am 30.06.23 um 18:23 schrieb Stefan G. Weichinger:
> So it's very likely that adding that IP SAN to the cert fixes things.
Replaced the CA and the certs/keys in kea-dhcp4.conf and
kea-ctrl-agent.conf.
That changes things, but doesn't fully fix my issues.
Should the cert in kea-ctrl-agent.conf be another one or the same one?
Sorry for my confusion.
If I turn on
"cert-required" in the ctrl-agent and
STORK_AGENT_SKIP_TLS_CERT_VERIFICATION=false for the stork-agent things
fail.
No more problems with a missing IP SAN, but still verification errors.
The ca.crt in /etc/kea is the same on both machines.
And I added that ca.crt to the system's key storage
("update-ca-certificates").
I *think* communication between stork and kea is encrypted now, just not
fully verified.
More information about the Kea-users
mailing list