[Kea-users] kea-2.2.0 - HA cluster - communication between stork and dhcp4 gets lost
Stefan G. Weichinger
lists at xunil.at
Tue Jun 27 17:54:57 UTC 2023
Am 27.06.23 um 17:17 schrieb Eric Graham:
> Stefan,
>
> Make sure that when you change the password, you also change it in Stork
> and in the HA hook config on each daemon of each server.
I have done that and cross-checked things but somehow communication
wasn't established again. Had to roll back to get it working again asap.
Would be better to do that in the evening ... when I am tired ;-)
> I am not aware of documentation from ISC for generating certificates,
> but here is an article I found that should get you started:
> https://node-security.com/posts/openssl-creating-a-ca/
> <https://node-security.com/posts/openssl-creating-a-ca/>
> You will want to make a CA in this case, and not just self-signed
> certificates. Make sure if you make the certificates for IP and not
> hostname, that you add the IP to the SAN field of the certificates.
> Here's an article from Red Hat about trusting the CA on each host:
> https://www.redhat.com/sysadmin/ca-certificates-cli
> <https://www.redhat.com/sysadmin/ca-certificates-cli> Even if you're not
> in Red Hat-land, it'll get you started.
Thanks for the pointers.
Did such cert-generation quite a few times already (back then before
LetsEncrypt) but hoped for some helpful script or so.
I'll try this in the next days.
More information about the Kea-users
mailing list