hainguyen291
commented
6 years ago Here is the signer.log of my Security Server.
And this is certificate that I am using for test-CA and the log of /upstart/ocsp.log
Closed hainguyen291 closed 6 years ago
hainguyen291
commented
6 years ago Here is the signer.log of my Security Server.
And this is certificate that I am using for test-CA and the log of /upstart/ocsp.log
petkivim
commented
6 years ago Hi @hainguyen291
Does the Security Server have auth and/or sign certificates yet? The Security Server tries to connect the OCSP service only if it has certificates which OCSP responses must be fetched. Time-stamping takes place only when messages are processed so if you haven't sent any messages TSA should not be connected either.
If there are no certificates configured yet and no messages have been sent, that's the expected status.
Regards, Petteri
hainguyen291
commented
6 years ago Hi petkivim,
You are right. It is my bad!!! It has been 3 months since the last time I config SS, I almost forget this step. Btw, I am going to build a HA system for Security Server Clustering. Are there any documents about this?
Thank you very much, Hai
JyrgenSuvalov
commented
6 years ago Hi @hainguyen291
I think Petteri's blog post on load balancing provides a very good overview of HA in X-Road :) https://www.niis.org/blog/2018/6/25/balancing-the-load.
Regards, Jürgen
hainguyen291
commented
6 years ago Hi @JyrgenSuvalov
Thank you, Hai
Hi everyone,
I build test CA servers including: TSA and OCSP. However, status of TSA and OCSP on SS's side is always in yellow
service has been contacted but is yet to have been used to verify its statusstate.Regars, Hai