Hi,
I have a question for a clustered environment and need some clarification. We already have SSL switched on.
For FWD to IDX (or intermediate FWD) connections I will add a new selfsigned CA to the default CA file and will replace the default server.pem with a new server.pem signed by my new CA.
Reboot the FWD or intermediate FWD.
What is the correct order regarding cluster master vs. IDX configuration? Who will create the connection?
I would assume the IDX... in this case I have to setup the IDX first and rebot.
Then the CM and reboot.
Regarding the SH vs. IDX: SH first, then the IDX (which has already been updated...) so SH first, bevor all FWD, IDX, CM. Shut SH down and leave it down until all other instances have been updated...
Summary:
1.) Updating CA file and server.pem on FWD and Reboot FWD (configure outputs.conff with new certs, port 9997)
2.) Updating CA file and server.pem on IDX (configure inputs.conf with new certs, port 9997) and Reboot IDX
3.) Shut SH down and updating new CA file and server.pem (configure server.conf with new certs, port 8089)
4.) Configure IDX (server.conf with new certs, port 8089) and Reboot IDX
5.) Updating CA file and server.pem on ClusterMaster (configure server.conf with new certs, port 8089) and Reboot CM
6.) Startup Search Head
Is this the right order?
... View more