>> "Borresen, John - 0442 - MITLL"
<John.Borresen(a)ll.mit.edu> schrieb am
14.01.2014 um 20:22 in Nachricht
Thanks for your help with my last post.
Now, the next task, will be setting up an N-way multimaster:
Using TLS. To create the certificates, finding a lot of varying ideas via
google, what is the "best practice" to create certificates to where I don't
have to touch each client if a server goes down. Create a wildcard cert or
use the subjectAltName in the openssl.cnf file?
I don't see your problem: The certificates are just "normal"; one for each
server. And you want to add each server to each client. If one server goes down, you
don't have to do anything. What did I miss from your description?
John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Surveillance Systems Group
244 Wood St
Lexington, MA 02420