(3) node cluster TLS configuration vertica11.x how to add 3 nodes in SAN with CREATE CERTIFICATE

giridhar_ktgiridhar_kt Vertica Customer
in General Discussion

Please can you provide SAN how to add 3 nodes as document is says only one node,

https://www.vertica.com/kb/Using-Mutual-Mode-SSL-Server-Authentication-with-Vertica/Content/BestPractices/Using-Mutual-Mode-SSL-Server-Authentication-with-Vertica.htm

Tried below it didnt work, only first node is accepted and rest ignored ???

CREATE CERTIFICATE server_crt_test SUBJECT '/C=XX/ST=XX/L=XX/O=xXX/OU=XXX/CN=Vertica SRV' SIGNED BY ca_cert EXTENSIONS 'authorityKeyIdentifier' = 'keyid:always,issuer', 'nsCertType' = 'server','extendedKeyUsage' = 'serverAuth', 'subjectAltName' = 'DNS.1:BBBBBBB,IP:YYYYYYY\n'DNS.2:CCCCCCCCCCC,IP:RRRRRR\n'DNS.3:AAAAAAAA,IP:GGGGGG' KEY server_key;

Tagged:

Best Answers

  • SruthiASruthiA Administrator
    edited January 2023 Answer ✓

    Please use comma separated list like below to specify all 3 nodes.

    'subjectAltName' = 'DNS.1:alt_hostname1,IP:IP_address1,DNS.2:alt_hostname2,IP:IP_address2,DNS.3:alt_hostname3,IP:IP_address3'

  • giridhar_ktgiridhar_kt Vertica Customer
    Answer ✓

    Thanks a lot !!!, it worked

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Format
SpoilerCodeQuote
Heading 2Heading 1
Emoji
:):D:(;):/:o:s:p:'(:|B):#:*<3o:)>:)
Url
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file
Home General DiscussionComment As ...