Project

General

Profile

Actions

Bug #9283

closed

Not obvious that HA sync will still sync certs if cert sync disabled but OpenVPN sync enabled

Added by Art Manion about 5 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Very Low
Assignee:
Category:
XMLRPC
Target version:
Start date:
01/22/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4_2
Affected Architecture:
amd64

Description

system A has external/imported certificate A
system B has external/imported certificate B

Both just upgraded to 2.4.4_2. A is Netgate/ADI image, B is community.

System > High Avail. Sync

XMLRPC Sync

uncheck "Certificate Authorities, Certificates, and Certificate Revocation Lists"

External/imported certificate (A) from master is still synced to secondary, certificate B is deleted from secondary. On reboot, secondary gains an additional self-signed certificate C.

Work around: Create certificate D that has subject alternative names for all IPs and DNS names, use certificate D for web configurator on both systems and re-enable XMLRPC sync for certificates.

Actions

Also available in: Atom PDF