Can't enable ssl inside cluster

Description

Steps to reproduce:
1. Bootstrap a manager
2. Start cluster
3. Enable SSL
4. Check "cfy --version" and "cfy ssl status"
As you can see the manager fails to enable ssl, and you've been disconnected from the manager. If you try to connect again you'll get an error message:

Activity

Show:
Guy Offer
November 2, 2017, 3:37 PM

Lukasz, please take a look

Łukasz Maksymczuk
November 6, 2017, 3:46 PM

Fixed by making sure all managers enter the same SSL state.

However please note that every manager will generate its own external cert, and the user will need to download all of them, and then use `cfy profiles set-cluster NODE_NAME --rest-certificate file.pem` with each of them in turn, setting up SSL for every node in the cluster.

Also note that `cfy profiles use` now (since ) won't update the profile you're switching to. If the profile already exists, it will only switch to it, and display a warning message (like the one in the issue description). To update existing profiles, you must use `cfy profiles set` instead.

Fixed

Assignee

Łukasz Maksymczuk

Reporter

Uri Wygodny

Labels

Bug Type

None

Target Version

None

Severity

None

Epic Link

Fix versions

Affects versions

Configure