[c-nsp] 11503 ssl redundancy synch

Ramcharan, Vijay A vijay.ramcharan at verizonbusiness.com
Mon Aug 18 14:46:00 EDT 2008


I don't believe you are missing anything. SSL files (keys, certs etc)
are most likely not copied across.  You will probably need to manually
import them into your standby box. 
For whatever reason, the ACE has this same limitation (seemingly silly
as I can't put my finger on the reason why Cisco cannot sync SSL files
as well as the config). 

F5 has had this on their boxes for a long time now. Makes SSL
configuration a snap. 

 
Vijay Ramcharan 
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Toby Burrows
(Qube)
Sent: August 18, 2008 04:52
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] 11503 ssl redundancy synch

Hi all, 
I have 2 css11503's in active/passive redundancy config. When using the
commit_redundConfig command the ssl does not copy across. I have cleared
the standby box and started again, but with no luck. The config guides I
have found offer little info on the ssl redundancy, just the normal IP
redundancy, the question is should I configure the ssl config and import
the certs on both boxes and then 

commit the redundant config when I have verified the ssl config on the
standby unit?  Or should it copy all config including all the ssl stuff
and I'm missing something?

Thanks in advance

 

Toby Burrows

Network Engineer


Qube Networks :: The Engineer's Choice for Co-Location, Internet
Bandwidth, Design & Build, and Managed Servers
 
Qube Networks Ltd :: Company Number 04155284 Registered in England and
Wales :: VAT Registration No: GB 769 6428 71 
This e-mail and the information it contains are confidential. If you
have received this e-mail in error please notify the sender immediately.
You should not copy it for any purpose, or disclose its contents to any
other person.

P Please consider the environment - do you really need to print this
email?
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list