Clearpass Cluster and Certificate issue
a month ago
I am facing 2 strange issues while configuring 2 CPPM nodes (VM version). Both VMs are hosted on same ESXI host, same subnet. Both are able to ping each other, no firewall between them.
Currently customer is using evaluation version (90 days on both vm appliances)
Version: CPPM 6.7.11
Issue#1. Subsciber is added successfully to publisher, but then after few mins it shows out of sync and stays that way. We tried rebooting, removing and re-adding it to publisher, but the behavior is same.
Issue#2. I have created private CA (using openssl) and created certificate with SAN such that CN=CPPM-VIP.domain, SAN:CPPM-Pub.domain, SAN:CPPM-Sub.domain. Its only the subscriber that after installing the certificate, shows https error when user browse to CPPM-sub.domain and certificate error is, CPPM-Sub signed its own certificate !!. This is bit absurd. We tried reinstalling the subscriber vm and repeated the whole process, both issues remain same.