D81 Posted October 7 Share Posted October 7 (edited) HI Im configuring a pair of App Volumes that will work behind a load balancer (F5). I've installed the firsta app volume without problems I have installed the domain CA certificate on it Later I have created the .CRT and .KEY for the PEM certificates (with OpenSSL) I have copied them on the specific route Finally I have modified the nginx.conf file with the name of the certificates After restarting the server all works fine and I can access to each App vol server with https However when configuring the load balancer, the customer has provided a SSL certificate for the load balancer url: appvol.mydomain.local So now Im suposed to configure that certificate on the nginx... how should I do it? As far as I know the nginx config file can only point to one certificate at time. Thanks in advance! Edited October 9 by D81 SOLVED Link to comment Share on other sites More sharing options...
D81 Posted October 8 Author Share Posted October 8 A little feedback here... I have deleted the last certificate on both app volumes and I have created a new one. The certificate is configured in that way on server Appvol01: CN = appvol01.mydomain.local DNS= appvol01.mydomain.local DNS= appvolbalance.mydomain.local And the second server will have this certificate: CN = appvol02.mydomain.local DNS= appvol02.mydomain.local DNS= appvolbalance.mydomain.local So if anybody is pointing to the appvol01 it will load and if anybody points to the load balance URL it will point to any of the servers. Is that config corrcet on the servers side?? Link to comment Share on other sites More sharing options...
Solution vmguru Posted October 8 Solution Share Posted October 8 I think you need only one certificate with these properties: CN = appvolbalance.mydomain.local DNS= appvol01.mydomain.local DNS= appvolbalance.mydomain.local DNS= appvol02.mydomain.local br 1 Link to comment Share on other sites More sharing options...
Robin Harmsen Posted October 8 Share Posted October 8 1 hour ago, vmguru said: I think you need only one certificate with these properties: CN = appvolbalance.mydomain.local DNS= appvol01.mydomain.local DNS= appvolbalance.mydomain.local DNS= appvol02.mydomain.local br We have something like this. So one certificate for both/multiple servers. 1 Senior Engineer (SDDC, EUC, DBA, Applications) at the Netherlands Cancer Institute - Antoni van Leeuwenhoek Hospital (NKI-AVL) Link to comment Share on other sites More sharing options...
D81 Posted October 9 Author Share Posted October 9 (edited) OK we will thest it that way! By the way, the order of the DNS is relevant? EDIT: it works!!! thanks!! Edited October 9 by D81 Solution Link to comment Share on other sites More sharing options...
Robin Harmsen Posted October 9 Share Posted October 9 3 hours ago, D81 said: OK we will thest it that way! By the way, the order of the DNS is relevant? EDIT: it works!!! thanks!! Good that is works. Not sure if the order is relevant, but we tend to use the LB adderss as the main (CN) and the LB and server adresses as alternate (DNS) 1 Senior Engineer (SDDC, EUC, DBA, Applications) at the Netherlands Cancer Institute - Antoni van Leeuwenhoek Hospital (NKI-AVL) Link to comment Share on other sites More sharing options...
D81 Posted October 9 Author Share Posted October 9 8 minutes ago, Robin Harmsen said: Good that is works. Not sure if the order is relevant, but we tend to use the LB adderss as the main (CN) and the LB and server adresses as alternate (DNS) OK thanks! I assume the connection servers should be configured in that way too Link to comment Share on other sites More sharing options...
vmguru Posted October 11 Share Posted October 11 On 10/9/2024 at 8:57 AM, D81 said: OK we will thest it that way! By the way, the order of the DNS is relevant? EDIT: it works!!! thanks!! Your welcome! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now