Certificates with a 2 node redundancy

Zied_Brahmi · February 26, 2025, 10:01am

Hi,

We have a 2 node redundancy, and we updated some certificates for the main, however we did not for the backup, and now I see that the backup can't connect to some OPC UA server because of the client certificate that has not been updated and it's expired.

There is a way to sync both certificates? or do I need to create a certificate for the backup too?
I m considering a force resync, but I m not sure about the behavior ( when I click force resync from the backup it will sync backup with master? or it will update the master with backup state? )
Thank you.

pturmel · February 26, 2025, 12:48pm

Yes.

michael.flagler · February 26, 2025, 2:44pm

I thought the only things you could edit/change on a backup node were the redundancy settings and everything else sync'd.

The one thing I know it won't even allow it to sync without though are modules. If there's a mismatch of installed modules, they both have to have the same modules and versions installed, but otherwise I thought configuration including certificates were sync'd.

A force re-sync should force a resync from master to backup. (Or at least active to standby if for some reason your backup node is active).