Differences between revisions 3 and 5 (spanning 2 versions)

GlusterFS Encryption

Keys

On each of the Glusterfs servers and clients run.

mkdir /etc/ssl/glusterfs
cd /etc/ssl/glusterfs
openssl genrsa -out glusterfs.key 2048

Now sign certificates using those keys. Replace the CN so it matches the host you are siging the certificate on.

openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster01" -out glusterfs.pem

None: GlusterFS Encryption (last edited 2021-03-26 21:25:57 by Kristian Kallenberg)

-  ⇤ ← Revision 3 as of 2017-12-24 16:52:20 → 
  Size: 745
  Editor: Kristian Kallenberg
  Comment:
+   ← Revision 5 as of 2017-12-24 16:53:47 → ⇥
  Size: 424
  Editor: Kristian Kallenberg
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 5:
-On each of the Glusterfs servers run.
+On each of the Glusterfs servers and clients run.
 Line 13:
-Now sign a certificate using that key.
+Now sign certificates using those keys. Replace the `CN` so it matches the host you are siging the certificate on.
 Line 15:
-root@gluster01:/etc/ssl/glusterfs# openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster01" -out glusterfs.pem
root@gluster02:/etc/ssl/glusterfs# openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster02" -out glusterfs.pem
root@gluster03:/etc/ssl/glusterfs# openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster03" -out glusterfs.pem
root@gluster04:/etc/ssl/glusterfs# openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster04" -out glusterfs.pem
+openssl req -new -x509 -key glusterfs.key -subj "/CN=gluster01" -out glusterfs.pem
-Line 20:
+Line 17:
-== Clients ==