SIMPLE SOLUTIONS

COROSYNC-QNETD-CERTUTIL(8) - Linux man page online | Administration and privileged commands

Tool to generate qnetd TLS certificates.

Chapter
2016-06-28
COROSYNC-QNETD-CERTUTIL(8) System Manager's Manual COROSYNC-QNETD-CERTUTIL(8)

NAME

corosync-qnetd-certutil - tool to generate qnetd TLS certificates

SYNOPSIS

corosync-qnetd-certutil [-i|-s] [-c certificate] [-n cluster_name]

DESCRIPTION

corosync-qnetd-certutil is a frontend for the NSS certutil, it is used for generating the QNetd CA (Certificate Authority), server certificate and signing cluster certificate used by corosync-qdevice when using the model 'net'.

OPTIONS

-i Initialize the QNetd NSS certificate database and generate the QNetd CA and server certificates. The default directory for the database is /etc/corosync/qnetd. This directory must be writeable by the current user. The QNetd CA certificate is also exported into the file /etc/corosync/qnetd/nssdb/qnetd-cacert.crt. -s Sign the cluster certificate. It is necessary to pass the cluster name (as config‐ ured in corosync.conf) and the certificate request file - see options below. The signed certificate will be written to the file /etc/corosync/qnetd/nssdb/clus‐ ter-$ClusterName.crt -c Certificate request file to sign. -n Name of the cluster.

NOTES

If qnetd is executed by a non root user, /etc/corosync/qnetd and its subdirectories must be owned by (or have group access for) the given user. If corosync-qnetd-certutil is exe‐ cuted as root it tries to copy the owner and group of /etc/corosync/qnetd to all of the created files.

SEE ALSO

corosync-qnetd(8) corosync-qdevice(8)

AUTHOR

Jan Friesse
2016-06-28 COROSYNC-QNETD-CERTUTIL(8)
This manual Reference Other manuals
corosync-qnetd-certutil(8) referred by corosync-qnetd(8)
refer to corosync-qdevice(8) | corosync-qnetd(8)
Download raw manual
Index System Manager's Manual (+2060) № 8 (+5755)
Go top