How to check if we have configured Network Encryption on RHHI-V or Red Hat Gluster Storage - What is self-signed encryption?
Issue
RHHI-V Host Replacement is described at
RHHI-V 1.6 Maintaining Red Hat Hyperconverged Infrastructure for Virtualization - Chapter 13. Replacing hosts
13.1 states: “When self-signed encryption is enabled, replacing a node is a disruptive process that requires virtual machines and the Hosted Engine to be shut down.”
Q1. What does this “self-signed encryption” refers to?
Q2. How do we know whether it is enabled or not?
Q3. Why it is this a disruptive process when self-signed encryption is enabled?
Note. When certificates expire (usually after 1 year) you need to follow the exact same process of creating certificates and the concatenated CA file.
If something is wrong , you may get an error like:
SSL connect error (client : IP_client:1021) (server: IP_server:24007)
routines:ssl3_read_bytes:tlsv1 alert unknown ca
Environment
- RHHI-V 1.6 (this may apply to previous versions too)
- RHGS 3.5 (this may apply to previous versions too)
- OCS 3.11.X
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.