Hi everyone,
I have a problem (cert maybe) with adding second AV manager server (Settings->Locations ->AV Manger)
Error 1:
Unable to register service due to domain error.
400 Bad Request
The plain HTTP request was sent to HTTPS port
nginx
Error2 :
Unable to register service due to domain error. Server Failure: Error: SSL Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE
How to fix this?
First part on page 21&22 (cert create&replace ) I made before and it was ok.
But I have two questions regarding this procedure on page 22
Installing SSL Certificates of External App Volumes Managers
Procedure
1 Copy the external AV Manager's CA certificate (e.g., rootCA.crt, if you've followed the procedure from
“Replacing the Default Self-Signed Certificate of AV Manager with a CA-signed Certificate,” on page 21) to local.
2 Make sure the file is in CRT or PEM format (Base 64-encoded text format).
3 Create a new file (for example, avCerts.pem) and copy the contents of the converted file in this file.
Make sure this file is readable for "xmp" user.
Q: Where (on which location) I need to create and put this avCerts.pem ?
4 Set the environment variable XMP_SSL_CERT_FILE to the path of the file where App Volumes certificates
are copied. This environment variable and the file to which it points should be readable for "xmp" user
in the App Volumes OVA/VM.
Q: Where is located variable XMP_SSL_CERT_FILE ?
only information,
in the current AppVolumes version can be only one AV manager ,second AV manager is not supported .
Not supported and AT YOUR OWN RISK but possible.
You can point the second manager back to the original or point both to an external Postgres db.
From the first OVA do the below.
/usr/local/av-manager/db_setup.sh <postgres_IP> <db_name> <db_username> <db_password> reset
/etc/wemi/utils/disable_ssl_validation.sh
on Second OVA...
run:
1) /usr/local/av-manager/db_setup.sh <postgres_IP> <db_name> <db_username> <db_password>
2) /etc/wemi/utils/disable_ssl_validation.sh
and then done
*do not* add “reset” at end of command on second OVA .. otherwise any db config will be cleared