You didn't specify correctly the IP in the SANS but I'm not sure if that's the root cause. In the SANs section Specify all hosts + their IPs: IP.1=1.2.3.4IP.2=2.3.4.5DNS.1=c01.glusterDNS.2=c02.gluster
What is the output from the client:openssl s_client -showcerts -connect c02.gluster:24007 There is a very good article on the topic:https://www.redhat.com/en/blog/hardening-gluster-installations-tls Can you check it for a missed step ?Can you share the volume settings ? Best Regards,Strahil Nikolov On Sun, Jan 28, 2024 at 11:38, Stefan Kania<ste...@kania-online.de> wrote: Hi Strahil, ok, that's what I did now to create the certificate: --------------------- openssl req -x509 -sha256 -key glusterfs.key -out "glusterfs.pem" -days 365 -subj "/C=de/ST=SH/L=St. Michel/O=stka/OU=gluster-nodes/CN=c01.gluster" -addext "subjectAltName = DNS:192.168.56.41" -------------------- still the same. The communication between the gluster-nodes is working with TLS, but the client can't mount the volume anymore. I now try to mount the volume with log-level=trace mount -t glusterfs -o log-level=trace c02.gluster:/gv1 /mnt and got the following: --------------- [2024-01-28 09:22:38.348905 +0000] I [MSGID: 100030] [glusterfsd.c:2767:main] 0-/usr/sbin/glusterfs: Started running version [{arg=/usr/sbin/glusterfs}, {version=10.5}, {cmdlinestr=/usr/sbin/glusterfs --log-level=TRACE --process-name fuse --volfile-server=c02.gluster --volfile-id=/gv1 /mnt}] [2024-01-28 09:22:38.349095 +0000] T [MSGID: 0] [xlator.c:388:xlator_dynload] 0-xlator: attempt to load file /usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so [2024-01-28 09:22:38.349650 +0000] T [MSGID: 0] [xlator.c:301:xlator_dynload_apis] 0-xlator: fuse: method missing (reconfigure) [2024-01-28 09:22:38.349728 +0000] T [MSGID: 0] [xlator.c:319:xlator_dynload_apis] 0-xlator: fuse: method missing (dump_metrics) [2024-01-28 09:22:38.349854 +0000] T [MSGID: 0] [xlator.c:325:xlator_dynload_apis] 0-xlator: fuse: method missing (pass_through_fops), falling back to default [2024-01-28 09:22:38.349979 +0000] D [MSGID: 0] [glusterfsd.c:421:set_fuse_mount_options] 0-glusterfsd: fopen-keep-cache mode 2 [2024-01-28 09:22:38.350111 +0000] D [MSGID: 0] [glusterfsd.c:465:set_fuse_mount_options] 0-glusterfsd: fuse direct io type 2 [2024-01-28 09:22:38.350222 +0000] D [MSGID: 0] [glusterfsd.c:478:set_fuse_mount_options] 0-glusterfsd: fuse no-root-squash mode 0 [2024-01-28 09:22:38.350347 +0000] D [MSGID: 0] [glusterfsd.c:519:set_fuse_mount_options] 0-glusterfsd: kernel-writeback-cache mode 2 [2024-01-28 09:22:38.350458 +0000] D [MSGID: 0] [glusterfsd.c:537:set_fuse_mount_options] 0-glusterfsd: fuse-flush-handle-interrupt mode 2 [2024-01-28 09:22:38.350674 +0000] T [MSGID: 0] [options.c:1239:xlator_option_init_double] 0-fuse: option attribute-timeout using default value 1.0 [2024-01-28 09:22:38.350792 +0000] T [MSGID: 0] [options.c:513:xlator_option_validate_double] 0-fuse: no range check required for 'option attribute-timeout 1.0' [2024-01-28 09:22:38.350925 +0000] T [MSGID: 0] [options.c:1230:xlator_option_init_uint32] 0-fuse: option reader-thread-count using default value 1 [2024-01-28 09:22:38.351133 +0000] D [dict.c:2503:dict_get_str] (-->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so(+0x1ee10) [0x7ff51324ce10] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(xlator_option_init_bool+0x60) [0x7ff513e88bf0] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get_str+0xdf) [0x7ff513e358df] ) 0-dict: key auto-invalidation, string type asked, has unsigned integer type [Das Argument ist ungültig] [2024-01-28 09:22:38.351262 +0000] D [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option auto-invalidation using set value 0 [2024-01-28 09:22:38.351514 +0000] T [MSGID: 0] [options.c:1239:xlator_option_init_double] 0-fuse: option entry-timeout using default value 1.0 [2024-01-28 09:22:38.351661 +0000] T [MSGID: 0] [options.c:513:xlator_option_validate_double] 0-fuse: no range check required for 'option entry-timeout 1.0' [2024-01-28 09:22:38.351894 +0000] D [dict.c:2503:dict_get_str] (-->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so(+0x1ee6e) [0x7ff51324ce6e] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(xlator_option_init_double+0x60) [0x7ff513e89080] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get_str+0xdf) [0x7ff513e358df] ) 0-dict: key negative-timeout, string type asked, has float type [Das Argument ist ungültig] [2024-01-28 09:22:38.351970 +0000] D [MSGID: 0] [options.c:1239:xlator_option_init_double] 0-fuse: option negative-timeout using set value 0.000000 [2024-01-28 09:22:38.352092 +0000] T [MSGID: 0] [options.c:513:xlator_option_validate_double] 0-fuse: no range check required for 'option negative-timeout 0.000000' [2024-01-28 09:22:38.352283 +0000] T [MSGID: 0] [options.c:1231:xlator_option_init_int32] 0-fuse: option client-pid not set [2024-01-28 09:22:38.352402 +0000] T [MSGID: 0] [options.c:1230:xlator_option_init_uint32] 0-fuse: option uid-map-root not set [2024-01-28 09:22:38.352527 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option strict-volfile-check using default value false [2024-01-28 09:22:38.352649 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option acl using default value false [2024-01-28 09:22:38.352826 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option selinux using default value false [2024-01-28 09:22:38.352947 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option capability using default value false [2024-01-28 09:22:38.353065 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option read-only not set [2024-01-28 09:22:38.353169 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option enable-ino32 using default value false [2024-01-28 09:22:38.353311 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option use-readdirp using default value yes [2024-01-28 09:22:38.353518 +0000] D [dict.c:2503:dict_get_str] (-->/lib/x86_64-linux-gnu/libglusterfs.so.0(xlator_init+0xc5) [0x7ff513e38c45] -->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so(+0x1f0fd) [0x7ff51324d0fd] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get_str+0xdf) [0x7ff513e358df] ) 0-dict: key sync-to-mount, string type asked, has pointer type [Das Argument ist ungültig] [2024-01-28 09:22:38.353644 +0000] T [MSGID: 0] [options.c:1240:xlator_option_init_time] 0-fuse: option gid-timeout using default value 300 [2024-01-28 09:22:38.353766 +0000] T [MSGID: 0] [options.c:80:xlator_option_validate_int] 0-fuse: no range check required for 'option gid-timeout 300' [2024-01-28 09:22:38.353887 +0000] T [MSGID: 0] [options.c:1227:xlator_option_init_str] 0-fuse: option fuse-mountopts not set [2024-01-28 09:22:38.354028 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option resolve-gids using default value false [2024-01-28 09:22:38.354140 +0000] T [MSGID: 0] [options.c:1231:xlator_option_init_int32] 0-fuse: option background-qlen using default value 64 [2024-01-28 09:22:38.354311 +0000] T [MSGID: 0] [options.c:1231:xlator_option_init_int32] 0-fuse: option congestion-threshold using default value 48 [2024-01-28 09:22:38.354452 +0000] D [dict.c:2503:dict_get_str] (-->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so(+0x1f2a1) [0x7ff51324d2a1] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(xlator_option_init_bool+0x60) [0x7ff513e88bf0] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get_str+0xdf) [0x7ff513e358df] ) 0-dict: key no-root-squash, string type asked, has pointer type [Das Argument ist ungültig] [2024-01-28 09:22:38.354519 +0000] D [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option no-root-squash using set value disable [2024-01-28 09:22:38.354671 +0000] T [MSGID: 0] [options.c:1230:xlator_option_init_uint32] 0-fuse: option lru-limit using default value 65536 [2024-01-28 09:22:38.354769 +0000] T [MSGID: 0] [options.c:80:xlator_option_validate_int] 0-fuse: no range check required for 'option lru-limit 65536' [2024-01-28 09:22:38.354974 +0000] D [dict.c:2503:dict_get_str] (-->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/xlator/mount/fuse.so(+0x1f312) [0x7ff51324d312] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(xlator_option_init_uint32+0x60) [0x7ff513e89900] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get_str+0xdf) [0x7ff513e358df] ) 0-dict: key invalidate-limit, string type asked, has integer type [Das Argument ist ungültig] [2024-01-28 09:22:38.355042 +0000] D [MSGID: 0] [options.c:1230:xlator_option_init_uint32] 0-fuse: option invalidate-limit using set value 0 [2024-01-28 09:22:38.355255 +0000] T [MSGID: 0] [options.c:80:xlator_option_validate_int] 0-fuse: no range check required for 'option invalidate-limit 0' [2024-01-28 09:22:38.355366 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option event-history using default value false [2024-01-28 09:22:38.355480 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option thin-client using default value false [2024-01-28 09:22:38.355581 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option kernel-writeback-cache using default value false [2024-01-28 09:22:38.355679 +0000] T [MSGID: 0] [options.c:1231:xlator_option_init_int32] 0-fuse: option attr-times-granularity using default value 0 [2024-01-28 09:22:38.355873 +0000] T [MSGID: 0] [options.c:1236:xlator_option_init_bool] 0-fuse: option flush-handle-interrupt using default value false [2024-01-28 09:22:38.356004 +0000] T [MSGID: 0] [options.c:1230:xlator_option_init_uint32] 0-fuse: option fuse-dev-eperm-ratelimit-ns using default value 10000000 [2024-01-28 09:22:38.358563 +0000] I [glusterfsd.c:2447:daemonize] 0-glusterfs: Pid of current running process is 792 [2024-01-28 09:22:38.358647 +0000] D [logging.c:1705:__gf_log_inject_timer_event] 0-logging-infra: Starting timer now. Timeout = 120, current buf size = 5 [2024-01-28 09:22:38.362664 +0000] D [MSGID: 0] [gf-io.c:513:gf_io_run] 0-io: Trying I/O engine 'io_uring' [2024-01-28 09:22:38.363447 +0000] D [MSGID: 0] [gf-io-uring.c:191:gf_io_uring_dump_params] 0-io: I/O URing: SQEs=32768, CQEs=65536, CPU=0, Idle=0 [2024-01-28 09:22:38.363523 +0000] D [MSGID: 0] [gf-io-uring.c:196:gf_io_uring_dump_params] 0-io: I/O URing: Flags: CLAMP(10) [2024-01-28 09:22:38.363663 +0000] D [MSGID: 0] [gf-io-uring.c:199:gf_io_uring_dump_params] 0-io: I/O URing: Features: SINGLE_MMAP(1) NODROP(2) SUBMIT_STABLE(4) RW_CUR_POS(8) CUR_PERSONALITY(10) FAST_POLL(20) POLL_32BITS(40) SQPOLL_NONFIXED(80) EXT_ARG(100) NATIVE_WORKERS(200) ?(1c00) [2024-01-28 09:22:38.363800 +0000] D [MSGID: 0] [gf-io-uring.c:251:gf_io_uring_dump_ops] 0-io: I/O URing: Max opcode = 48 [2024-01-28 09:22:38.363932 +0000] D [MSGID: 0] [gf-io-uring.c:270:gf_io_uring_dump_ops] 0-io: I/O URing: Ops: NOP(0) READV(1) WRITEV(2) FSYNC(3) READ_FIXED(4) WRITE_FIXED(5) POLL_ADD(6) POLL_REMOVE(7) SYNC_FILE_RANGE(8) SENDMSG(9) RECVMSG(10) TIMEOUT(11) TIMEOUT_REMOVE(12) ACCEPT(13) ASYNC_CANCEL(14) LINK_TIMEOUT(15) CONNECT(16) FALLOCATE(17) OPENAT(18) CLOSE(19) FILES_UPDATE(20) STATX(21) READ(22) WRITE(23) FADVISE(24) MADVISE(25) SEND(26) RECV(27) OPENAT2(28) EPOLL_CTL(29) SPLICE(30) PROVIDE_BUFFERS(31) REMOVE_BUFFERS(32) TEE(33) SHUTDOWN(34) RENAMEAT(35) UNLINKAT(36) ?(37) ?(38) ?(39) ?(40) ?(41) ?(42) ?(43) ?(44) ?(45) ?(46) ?(47) ?(48) [2024-01-28 09:22:38.364281 +0000] D [MSGID: 0] [gf-io.c:517:gf_io_run] 0-io: I/O engine 'io_uring' is ready [2024-01-28 09:22:38.365254 +0000] D [rpc-clnt.c:1018:rpc_clnt_connection_init] 0-glusterfs: defaulting frame-timeout to 30mins [2024-01-28 09:22:38.365410 +0000] D [rpc-clnt.c:1030:rpc_clnt_connection_init] 0-glusterfs: disable ping-timeout [2024-01-28 09:22:38.365501 +0000] D [rpc-transport.c:278:rpc_transport_load] 0-rpc-transport: attempt to load file /usr/lib/x86_64-linux-gnu/glusterfs/10.5/rpc-transport/socket.so [2024-01-28 09:22:38.366186 +0000] D [MSGID: 101233] [options.c:973:xl_opt_validate] 0-glusterfs: option is deprecated, continuing with correction [{key=address-family}, {preferred=transport.address-family}] [2024-01-28 09:22:38.366264 +0000] T [MSGID: 0] [options.c:80:xlator_option_validate_int] 0-glusterfs: no range check required for 'option remote-port 24007' [2024-01-28 09:22:38.367351 +0000] D [socket.c:4561:socket_init] 0-glusterfs: Configured transport.tcp-user-timeout=42 [2024-01-28 09:22:38.367566 +0000] D [socket.c:4581:socket_init] 0-glusterfs: Reconfigured transport.keepalivecnt=9 [2024-01-28 09:22:38.367629 +0000] D [rpc-clnt.c:1591:rpcclnt_cbk_program_register] 0-glusterfs: New program registered: GlusterFS Callback, Num: 52743234, Ver: 1 [2024-01-28 09:22:38.367748 +0000] T [rpc-clnt.c:396:rpc_clnt_reconnect] 0-glusterfs: attempting reconnect [2024-01-28 09:22:38.367865 +0000] T [socket.c:3377:socket_connect] 0-glusterfs: connecting 0x7ff50c007768, sock=-1 [2024-01-28 09:22:38.368068 +0000] D [dict.c:1290:data_to_uint16] (-->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/rpc-transport/socket.so(+0x98dd) [0x7ff5123438dd] -->/usr/lib/x86_64-linux-gnu/glusterfs/10.5/rpc-transport/socket.so(socket_client_get_remote_sockaddr+0x2c8) [0x7ff512343448] -->/lib/x86_64-linux-gnu/libglusterfs.so.0(data_to_uint16+0x146) [0x7ff513e32676] ) 0-dict: key null, unsigned integer type asked, has integer type [Das Argument ist ungültig] # --> the argument is invalide [2024-01-28 09:22:38.368170 +0000] T [MSGID: 0] [common-utils.c:504:gf_resolve_ip6] 0-resolver: DNS cache not present, freshly probing hostname: c02.gluster [2024-01-28 09:22:38.368577 +0000] D [MSGID: 0] [common-utils.c:542:gf_resolve_ip6] 0-resolver: returning ip-192.168.57.42 (port-24007) for hostname: c02.gluster and port: 24007 [2024-01-28 09:22:38.368641 +0000] D [socket.c:3294:socket_fix_ssl_opts] 0-glusterfs: disabling SSL for portmapper connection [2024-01-28 09:22:38.368739 +0000] T [socket.c:1021:__socket_nodelay] 0-glusterfs: NODELAY enabled for socket 11 [2024-01-28 09:22:38.368846 +0000] T [socket.c:1107:__socket_keepalive] 0-glusterfs: Keep-alive enabled for socket: 11, (idle: 20, interval: 2, max-probes: 9, timeout: 42) [2024-01-28 09:22:38.368954 +0000] T [socket.c:3495:socket_connect] 0-glusterfs: >>> connect() with non-blocking IO for ALL [2024-01-28 09:22:38.369071 +0000] T [socket.c:206:socket_dump_info] 0-glusterfs: $$$ client: connecting to (af:2,sock:11) 192.168.57.42 non-SSL (errno:0:Erfolg) [2024-01-28 09:22:38.369501 +0000] I [MSGID: 101190] [event-epoll.c:667:event_dispatch_epoll_worker] 0-epoll: Started thread with index [{index=1}] [2024-01-28 09:22:38.369565 +0000] T [socket.c:2897:socket_event_handler] 0-glusterfs: client (sock:11) in:0, out:4, err:0 [2024-01-28 09:22:38.369682 +0000] T [socket.c:2903:socket_event_handler] 0-glusterfs: client (sock:11) socket is not connected, completing connection [2024-01-28 09:22:38.369872 +0000] T [rpc-clnt.c:1443:rpc_clnt_record_build_header] 0-rpc-clnt: Request fraglen 140, payload: 76, rpc hdr: 64 [2024-01-28 09:22:38.369990 +0000] T [rpc-clnt.c:1729:rpc_clnt_submit] 0-rpc-clnt: submitted request (unique: 0, XID: 0x2, Program: GlusterFS Handshake, ProgVers: 2, Proc: 2) to rpc-transport (glusterfs) [2024-01-28 09:22:38.370068 +0000] D [rpc-clnt-ping.c:296:rpc_clnt_start_ping] 0-glusterfs: ping timeout is 0, returning [2024-01-28 09:22:38.370207 +0000] T [socket.c:2803:socket_handle_client_connection_attempt] 0-glusterfs: socket_connect_finish() returned 0 [2024-01-28 09:22:38.370301 +0000] T [socket.c:2910:socket_event_handler] 0-glusterfs: (sock:11) socket_complete_connection() returned 1 [2024-01-28 09:22:38.370471 +0000] T [socket.c:2916:socket_event_handler] 0-glusterfs: (sock:11) returning to wait on socket [2024-01-28 09:22:38.370529 +0000] T [socket.c:2897:socket_event_handler] 0-glusterfs: client (sock:11) in:0, out:4, err:0 [2024-01-28 09:22:38.370668 +0000] T [socket.c:2923:socket_event_handler] 0-glusterfs: Client socket (11) is already connected [2024-01-28 09:22:38.370733 +0000] T [socket.c:2932:socket_event_handler] 0-glusterfs: (sock:11) socket_event_poll_out returned 0 [2024-01-28 09:22:38.370837 +0000] I [MSGID: 101190] [event-epoll.c:667:event_dispatch_epoll_worker] 0-epoll: Started thread with index [{index=0}] [2024-01-28 09:22:38.374114 +0000] T [socket.c:2897:socket_event_handler] 0-glusterfs: client (sock:11) in:1, out:0, err:24 [2024-01-28 09:22:38.374179 +0000] T [socket.c:206:socket_dump_info] 0-glusterfs: $$$ client: disconnecting from (af:2,sock:11) 192.168.57.42 non-SSL (errno:104:Die Verbindung wurde vom Kommunikationspartner zurückgesetzt) # --> connection reseted by peer [2024-01-28 09:22:38.374326 +0000] D [socket.c:2966:socket_event_handler] 0-transport: EPOLLERR - disconnecting (sock:11) (non-SSL) [2024-01-28 09:22:38.374447 +0000] I [glusterfsd-mgmt.c:2681:mgmt_rpc_notify] 0-glusterfsd-mgmt: disconnected from remote-host: c02.gluster [2024-01-28 09:22:38.374529 +0000] I [glusterfsd-mgmt.c:2720:mgmt_rpc_notify] 0-glusterfsd-mgmt: Exhausted all volfile servers [2024-01-28 09:22:38.375599 +0000] D [logging.c:1675:gf_log_flush_extra_msgs] 0-logging-infra: Log buffer size reduced. About to flush 5 extra log messages [2024-01-28 09:22:38.375716 +0000] D [logging.c:1681:gf_log_flush_extra_msgs] 0-logging-infra: Just flushed 5 extra log messages [2024-01-28 09:22:38.375878 +0000] W [glusterfsd.c:1458:cleanup_and_exit] (-->/lib/x86_64-linux-gnu/libgfrpc.so.0(+0xfa35) [0x7ff513de8a35] -->/usr/sbin/glusterfs(+0x14769) [0x564f61e2c769] -->/usr/sbin/glusterfs(cleanup_and_exit+0x57) [0x564f61e23447] ) 0-: received signum (1), shutting down [2024-01-28 09:22:38.375999 +0000] D [mgmt-pmap.c:90:rpc_clnt_mgmt_pmap_signout] 0-fsd-mgmt: portmapper signout arguments not given [2024-01-28 09:22:38.376093 +0000] I [fuse-bridge.c:7065:fini] 0-fuse: Unmounting '/mnt'. [2024-01-28 09:22:38.378550 +0000] I [fuse-bridge.c:7069:fini] 0-fuse: Closing fuse connection to '/mnt'. [2024-01-28 09:22:38.378765 +0000] W [glusterfsd.c:1458:cleanup_and_exit] (-->/lib/x86_64-linux-gnu/libc.so.6(+0x89044) [0x7ff513c6d044] -->/usr/sbin/glusterfs(glusterfs_sigwaiter+0xc5) [0x564f61e2ae05] -->/usr/sbin/glusterfs(cleanup_and_exit+0x57) [0x564f61e23447] ) 0-: received signum (15), shutting down --------------- So the client can resolve the hostname aand it fits to the neme of the gluster-host and it's fqdn. Still the same on the gluster-host: ---------------- ==> /var/log/glusterfs/glusterd.log <== [2024-01-28 09:32:47.673142 +0000] I [socket.c:4288:ssl_setup_connection_params] 0-socket.management: SSL support for MGMT is ENABLED IO path is ENABLED certificate depth is 1 for peer 192.168.57.51:49151 [2024-01-28 09:32:47.677804 +0000] E [socket.c:224:ssl_dump_error_stack] 0-socket.management: error:0A00010B:SSL routines::wrong version number ---------------- :-( still not working. What I don't anderstand: why is it working between the gluster-host but not between the gluster-client and any of the gluster-hosts? Atre they manage the TLS connection a different way? Stefan Am 28.01.24 um 08:44 schrieb Strahil Nikolov: > Usually with Certificates it's always a pain.I would ask you to regenerate > the certificates but by adding the FQDN of the system and the IP used by the > clients to reach the brick in 'SANS' section of the cert. Also, set the > validity to 365 days for the test. > Best Regards,Strahil Nikolov > > > On Fri, Jan 26, 2024 at 21:37, Stefan Kania<ste...@kania-online.de> wrote: > Hi Aravinda > > Am 26.01.24 um 17:01 schrieb Aravinda: >> Does the combined glusterfs.ca includes client nodes pem? Also this file >> need to be placed in Client node as well. > > Yes, I put all the Gluster-node Certificates AND the client certificate > into the glusterfs.ca file. And I put the file to all gluster-nodes and > clients. I did it twice (delete all certificate and restart all over)the > result was always the same. > > Stefan > > > > > -- Stefan Kania Landweg 13 25693 St. Michaelisdonn Signieren jeder E-Mail hilft Spam zu reduzieren und schützt Ihre Privatsphäre. Ein kostenfreies Zertifikat erhalten Sie unter https://www.dgn.de/dgncert/index.html
________ Community Meeting Calendar: Schedule - Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC Bridge: https://meet.google.com/cpu-eiue-hvk Gluster-users mailing list Gluster-users@gluster.org https://lists.gluster.org/mailman/listinfo/gluster-users
