Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cert Manager NOT syncing. How to diagnose?

    HA/CARP/VIPs
    2
    4
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • MrPeteM
      MrPete
      last edited by

      I have my XML-RPC working nicely... with one major exception.

      Changes in System->Cert Manager are NOT synced to Backup.

      I have not found any log errors.

      Actually, many changes don't appear to be logged at all: deleting a Cert, adding a Cert. Only Cert updates.

      QUESTIONS:

      1. Is Cert sync supposed to work?
      2. Any suggestions for diagnosing this?

      Thanks!
      Pete

      JeGrJ MrPeteM 2 Replies Last reply Reply Quote 0
      • JeGrJ
        JeGr LAYER 8 Moderator @MrPete
        last edited by

        @mrpete If that's about the ACME certificates the question was already answered in the other thread.

        Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

        MrPeteM 1 Reply Last reply Reply Quote 1
        • MrPeteM
          MrPete @JeGr
          last edited by

          @jegr Nope.
          I'm talking the built-in pfSense Cert Manager.

          1 Reply Last reply Reply Quote 0
          • MrPeteM
            MrPete @MrPete
            last edited by

            Solved it.

            Diagnostic Method:

            • Review ALL the basics...
              • Interfaces are same, same order (easiest for me: check the Interfaces menu item links :) )
              • XMLRPC Sync setup is correct: correct IP, login, pw on Master. NONE of those on Backup.
              • Sync setup is correct in other packages (depends on pkg)
            • Fix any errors
            • Now make a change in the area(s) that were not syncing

            In my case:

            • Oops: I had an IP still in "Sync Config to IP"
            • Then, make small changes as needed...
              • changing one static DNS assign-> All transferred
              • changing one HAproxy item -> All transferred
              • changing one Cert item -> all sync'd incl old/bad certs gone

            etc.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.