I've got cosign up and working but I have questions regarding
replication, DNS entry and cert cns. Cosignd & monster are talking,
pushing, etc.
How do you setup the filter CosignHostname and cgi "set cosignhost" to
point to both replicas? multiple A records don't work in my current
setup because the cosignd cert cn matches the individual host names. If
you use multiple A records how do you specify the replica (-h option)
and make the cert cn / hostname checks happy?
If I read the code correctly is this the correct solution?
cosign.foo.bar IN A 1.1.1.1
IN A 1.1.1.2
1.1.1.1 & 1.1.1.2 cosignd cert cn set to cosign.foo.bar
set cosignhost and CosignHostname set to cosign.foo.bar
cosignd and monster -h set to cosign.foo.bar
Is this correct?
Any help is appreciated.
Paul
Current setup (short hostname to save typing, currently cert cn matches
hostname)
Daemon Servers
cosign-01
cosign-02
monster & cosignd -h arguments point to other machine
on cosign-01 -> -h cosign-02
on cosign-02 -> -h cosign-01
CGI Server
weblogin-01
Apache2 Filter Clients
www-01
lobby
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
