Details
Description
Create a XDCR remote cluster reference connection using a client cert + client key + root CA tuple.
Once the remote cluster reference is created, it can be verified via curl:
neil.huang@NeilsMacbookPro:~$ curl -X GET -u Administrator:wewewe http://127.0.0.1:9000/pools/default/remoteClusters
|
[{"certificate":"-----BEGIN CERTIFICATE-----\nMIIDGTCCAgGgAwIBAgIUbJ8D6rN9fP2imLHPbceuqW53p64wDQYJKoZIhvcNAQEL\nBQAwHDEaMBgGA1UEAwwRQ291Y2hiYXNlIFJvb3QgQ0EwHhcNMjExMjE0MTgzODEw\nWhcNMzExMjEyMTgzODEwWjAcMRowGAYDVQQDDBFDb3VjaGJhc2UgUm9vdCBDQTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxypvk6SK8ICbKPHfcyqOZ3\nvAqjBi2jesZ+0yutMashbWmLXhVh2iM2l/un2YTedMmp4OeIsjFFO9EZTdUybCy7\nqLJnqaxrarxiPWC0hreTetnr/Iesd/dktBE75Po4y6wJfFbR7gXEMKnJMVdXfz2n\nLW8NsuFkgrcfgbkEE8V5hi5S8fHORUdDfvidi8tp8Htf3KlKhNCDiGOXc+4hWsFq\nmVjXf6fGyvuJ++LCGuIe7H2buer99twhytDBB+Ue9TNDIzEzXVD1cDGOXdiZoCKT\n5GH4ZZ9KlX9OnPOYuSO3AlLr4D0hluoDerC2N3xpwuI8UpttZDztlgjXwy5Ffd0C\nAwEAAaNTMFEwHQYDVR0OBBYEFC8HuuDrEy8cKwGndIAy9y9NGlOlMB8GA1UdIwQY\nMBaAFC8HuuDrEy8cKwGndIAy9y9NGlOlMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI\nhvcNAQELBQADggEBADdKC3qiBGuwvq4vam67v8WeXK88MUXj7L2X3CE4Gxuq9GyI\nv+avHQUnYwf1HN2rWaOodOHtXPFB1WwuR2ZwtGH2qr20kFT66dj+6ietPMSiqnbK\n/Q6tKhSo/XcbbL/Aq+cYIuXZxUp+XSbslbUfcOdnHFr4qBCppPDIt3MNzr5Wy7pP\n/ZRgheAabon/yl+t4fkgiJASpHKGbUIlsxAYtAndBtzNuogtVbSOgVSFlj+VX7Wo\nQGGEeK3gZxMKoQQBA4yH6+yqM5o9hSKqBjkl3sJma/9OLgrJ8vk6Fx97/P6HcJ4n\nsNT347RmUXj7o2H5Wh6W//sCUQFFK6PRTfXAvCc=\n-----END CERTIFICATE-----","clientCertificate":"-----BEGIN CERTIFICATE-----\nMIIDizCCAnOgAwIBAgIUSoBCwz3a4GcfHRrjO0+3JkTJM68wDQYJKoZIhvcNAQEL\nBQAwHDEaMBgGA1UEAwwRQ291Y2hiYXNlIFJvb3QgQ0EwHhcNMjExMjE0MTgzODEx\nWhcNMjIxMjE0MTgzODExWjAYMRYwFAYDVQQDDA1BZG1pbmlzdHJhdG9yMIIBIjAN\nBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh70UPLdCLJrtTcao2fVoaDCbxftl\n/b6kK3aF2TU9M0dWtu+gph+6GbP3K9d6I30rmyx/oTxYMg+p/MWOQLHljnTqliI0\nPFxmAD7ZC3aFKDJfgoXp6fQ6LJP13XWyzL9Buegwp+dw8xQn6dU/4GKo2wsHkHpN\nPovm94MvFs0Hgbcha37XbDaYW+aMCqpkYg4XMhue+wC6iJWLWEv459+iyBgqZJmA\naAUknwei/WfMZa+umctF0N+0gP5UlNghTWImP7SoatMw9VD4sTNSW28r+2GKgKS6\nN05LsMekGe/OFqvtudmnKkq8lFwNoj7Mla4XSJUoEabZoMOUoCOR7diK3QIDAQAB\no4HIMIHFMAkGA1UdEwQCMAAwHQYDVR0OBBYEFGfCzsQX7BDEam0zAZ0KPW7+8Xje\nMFcGA1UdIwRQME6AFC8HuuDrEy8cKwGndIAy9y9NGlOloSCkHjAcMRowGAYDVQQD\nDBFDb3VjaGJhc2UgUm9vdCBDQYIUbJ8D6rN9fP2imLHPbceuqW53p64wEwYDVR0l\nBAwwCgYIKwYBBQUHAwIwCwYDVR0PBAQDAgeAMB4GA1UdEQQXMBWBE2pvaG4uc21p\ndGhAbWFpbC5jb20wDQYJKoZIhvcNAQELBQADggEBAHbxcEi1qV4pxhG/Bp4sPLM5\nYwFRFkvxd63ZzT1Z0xUDFTlKyhApmzjBypfjOjUv/KY6R2c7XckgimzDJ8KdTyz3\n97huYl/Hw2v5/co8PuOFwtoC6FSlRIEAIgIB3QVglW9Uji6fgW+LAIHv4PSX3LEW\nDlF0aqjkNQITYHjT88Zb96YeWb5+pRNvBei5PcB38zhw4g/oz2fU/5aPQDlWqlOQ\nUXpoDsSmbX6Ssa+3Xz26noCefZw93VozO3BsXgA6DP78msTCvA+0IKyA9GMmT1Oi\nsE13ER2BDX5Pvu2rQ6yqG+yaq8dHmXxwqXkQAKzaY01uMEaNDAwyJ/EVTEUX9n0=\n-----END CERTIFICATE-----","connectivityStatus":"RC_OK","deleted":false,"demandEncryption":true,"encryptionType":"full","hostname":"127.0.0.1:9001","name":"C2","secureType":"full","uri":"/pools/default/remoteClusters/C2","username":"","uuid":"76621863b2d6b265f942a5ec9eca0e4c","validateURI":"/pools/default/remoteClusters/C2?just_validate=1"}]
|
However, when clicking "edit" on the UI for the reference, the "Use Client Certificate" box isn't checked... once manually checked, the client cert is displayed correctly.
Attachments
Issue Links
- relates to
-
MB-50033 XDCR mTLS Appears Broken
- Closed