Re: N-Way-Multimaster Configuration
Borresen, John - 0442 - MITLL wrote:
Thanks for your help with my last post.
Now, the next task, will be setting up an N-way multimaster:
Server1
Server2
Server3
Server4
Using TLS. To create the certificates, finding a lot of varying ideas via google, what
is the "best practice" to create certificates to where I don't have to touch
each client if a server goes down. Create a wildcard cert or use the subjectAltName in
the openssl.cnf file?
Personally I' prefer to issue separate certs to each replica. I use the server
certs also as client cert for authenticating the replicas to each other with
SASL/EXTERNAL.
Ciao, Michael.
Attachments:
- smime.p7s (application/pkcs7-signature — 2.3 KB)