[Bugs] [Bug 1601356] Problem with SSL/TLS encryption on Gluster 4.0 & 4.1
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jul 31 06:21:47 UTC 2018
https://bugzilla.redhat.com/show_bug.cgi?id=1601356
Milind Changire <mchangir at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |andreihavriliuc at gmail.com,
| |mchangir at redhat.com
Flags| |needinfo?(andreihavriliuc at g
| |mail.com)
--- Comment #2 from Milind Changire <mchangir at redhat.com> ---
As per Step 8
8. Set up TLS/SSL encryption on all nodes and clients (gluster1,
gluster2, gluster-client):
openssl genrsa -out /etc/ssl/glusterfs.key 2048
In gluster1 node:
openssl req -new -x509 -key /etc/ssl/glusterfs.key -subj "/CN=gluster1"
-out /etc/ssl/glusterfs.pem
In gluster2 node:
openssl req -new -x509 -key /etc/ssl/glusterfs.key -subj "/CN=gluster2"
-out /etc/ssl/glusterfs.pem
In gluster-client node:
openssl req -new -x509 -key /etc/ssl/glusterfs.key -subj
"/CN=gluster-client" -out /etc/ssl/glusterfs.pem
----------
As per Step 15
15. Setup SSL/TLS access to the volume:
gluster volume set vol01 auth.ssl-allow 'gluster01,gluster02,gluster-client'
gluster volume set vol01 client.ssl on
gluster volume set vol01 server.ssl on
gluster volume set vol01 network.ping-timeout "5"
gluster volume start vol01
----------
Please note that the Common Name mentioned during SSL key/cert generation is
"gluster1" but mentioned in auth.ssl-allow is "gluster01". Please note the '0'
prefixed to '1'.
Is this a typo during bug reporting or an actual typo during volume
configuration ?
If this is a typo during volume configuration, it needs to be corrected.
Please set auth.ssl-allow to:
gluster volume set vol01 auth.ssl-allow 'gluster1,gluster2,gluster-client'
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list