[Spacewalk-list] high availabilty and spacewalk SSLs
Musayev, Ilya
imusayev at webmd.net
Thu May 3 18:30:17 UTC 2012
I'm trying to design spacewalk environment with HA in mind.
The proposed layout as follows
2 master server
masterspwlk-ny.example.com as a hostname and CNAME myspacewalk.example.com - ACTIVE host
masterspwlk-ca.example.com as a hostname and CNAME myspacewalk.example.com - STANDBY host, the CNAME flip will occur only if ACTIVE host fails.
2 spacewalk proxy hosts (connects to myspacewalk.example.com)
spwlk-proxy-ny.example.com with CNAME spwlk-ny.example.com
spwlk-proxy-ca.example.com with CNAME spwlk-ca.example.com
My problem, the SSL certificates are bounded to hostname and when client gets the cert - it complains about cert mismatch. For example, the cert was issued to masterspwlk-ny.example.com, but the host that is being use is myspacewalk.example.com.
How would I mitigate this issue, can I recreate the certificates with CNAME, what would be the procedure? Can I have multiple certs on master and proxy hosts?
Any feedback is appreciated,
Thanks
ilya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20120503/4be6a48c/attachment.htm>
More information about the Spacewalk-list
mailing list