Security

Reply
Frequent Contributor I

Clearpass Cluster and Certificate issue

Dear Experts, 

 

I am facing 2 strange issues while configuring 2 CPPM nodes (VM version). Both VMs are hosted on same ESXI host, same subnet. Both are able to ping each other, no firewall between them. 

Currently customer is using evaluation version (90 days on both vm appliances)

 

Version: CPPM 6.7.11

 

Issue#1. Subsciber is added successfully to publisher, but then after few mins it shows out of sync and stays that way. We tried rebooting, removing and re-adding it to publisher, but the behavior is same. 

 

Issue#2. I have created private CA (using openssl) and created certificate with SAN such that CN=CPPM-VIP.domain, SAN:CPPM-Pub.domain, SAN:CPPM-Sub.domain. Its only the subscriber that after installing the certificate, shows https error when user browse to CPPM-sub.domain and certificate error is, CPPM-Sub signed its own certificate !!. This is bit absurd. We tried reinstalling the subscriber vm and repeated the whole process, both issues remain same. 

 

Any ideas?

Frequent Contributor I

Re: Clearpass Cluster and Certificate issue

please ignore, customer configured NTP on publisher only which changed the time by 10 hours between publisher and subscriber.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: