Cluster certificates are not updated on cluster join. Centos 7.4 (centos-release-7-4.1708.el7.centos.x86_64)
1. Bootstrap managers with ssl with autogenerated certificate
2. Start cluster on one CLI - I used cluster master CLI
3. Move to another node CLI and add cluster master profile and update it with `cfy cluster update-profile`
4. Try to add another node - I used cluster replica node CLI
Example:
1
2
3
4
5
[centos@cfy-4 ~]$ cfy cluster join 10.10.25.104 --cluster-host-ip 10.10.25.103
Joining the Cloudify Manager cluster: [u'10.10.25.104']
2018-02-08T12:14:09 Started /opt/manager/env/bin/create_cluster_node --config /tmp/tmpvbxvoI.
2018-02-08T12:14:09 Starting /opt/manager/env/bin/create_cluster_node --config /tmp/tmpvbxvoI...
An SSL-related error has occurred. This can happen if the specified REST certificate does not match the certificate on the manager. Underlying reason: HTTPSConnectionPool(host='10.10.25.103', port=443): Max retries exceeded with url: /api/v3.1/cluster?since=s%3D8da27bcd7cb44bb181b756f2da30e507%3Bi%3D832%3Bb%3Ddc0af0bfa15241d3bc4c60aa43c5b30e%3Bm%3D2c67106d3%3Bt%3D564b2595a72bf%3Bx%3D6111d8f76786cad7&_include=logs%2Cinitialized%2Cerror (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)'),))Cluster manager context:
1
2
3
4
5
[centos@cfy-4 ~]$ cat ~/.cloudify/profiles/10.10.25.104/context
!CloudifyProfileContext
_cluster:
- {manager_ip: !!python/unicode '10.10.25.104', name: !!python/unicode 'cloudify_manager_KJ5AR4'}
- {manager_ip: !!python/unicode '10.10.25.103', name: !!python/unicode 'cloudify_manager_XEVYCK'}