Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2708
Views
10
Helpful
3
Replies

Expressways Let's Encrypt/ACME feature with Cluster

Thomas Leitner
Level 4
Level 4

‎05-01-2019 08:46 AM

Hey Community,

I'm currently in the design phase of a new expressway Cluster.

 

Expressway has since Version X12.5 the ability to get certificates signed by ACME (Lets encrypt).

Now back to my question - has anyone tried already to sign expressway e certificates of a cluster?

 

My design has currently the following variables:

Clustername: cluster.customer.org

Node 1: node1.customer.org

Node 2: node2.customer.org

 

therefore the public certificate has to have the following settings:

Node1: CN=node1.customer.org SAN= node1.customer.org,cluster.customer.org

Node2: CN=node2.customer.org SAN=node2.customer.org,cluster.customer.org

 

the A-Records are planned:
cluster.customer.org = <public ip of node1>, <public ip of node2>

node1.customer.org = <public ip of node1>

node2.customer.org = <public ip of node2>

 

is this possible with Lets Encrypt?

 

thanks in advance,

br Thomas

2 people had this problem
Labels:
3 Replies 3

Thomas Leitner
Level 4
Level 4

‎05-09-2019 05:20 AM

hey community, 

to keep the flow running, a quick answer.

 

It is working - the important thing is to get all the A Records (needed by the lets encrypt service) configured correctly.

 

the acme client on expressway is working fine :) 

 

br Thomas

IngoJuergensmann
Level 5
Level 5
In response to Thomas Leitner

‎01-08-2020 12:58 AM

One question: do you use the Expressway with ACME for Jabber XMPP Federation as well?

0 Helpful

Alexander Yug
Level 1
Level 1

‎09-08-2019 10:57 PM

Hi,

Have you solved this? How?
0 Helpful
Customers Also Viewed These Support Documents