Go to main content

Administering an Oracle® Solaris Cluster 4.4 Configuration

Exit Print View

Updated: March 2019
 
 

How to Configure Common Agent Container Security Keys

Oracle Solaris Cluster Manager uses strong encryption techniques to ensure secure communication between the Oracle Solaris Cluster Manager web server and each cluster node.

Cacao connection errors can occur when you are using the data service configuration wizards in Oracle Solaris Cluster Manager or performing other Oracle Solaris Cluster Manager tasks. This procedure copies the security files for the common agent container to all cluster nodes. This ensures that security files for the common agent container are identical on all cluster nodes and that the copied files retain the correct file permissions. Performing this procedure synchronizes the security keys.

  1. On each node, stop the security file agent.
    phys-schost# /usr/sbin/cacaoadm stop
  2. On one node, change to the /etc/cacao/instances/default/ directory.
    phys-schost-1# cd /etc/cacao/instances/default/
  3. Create a tar file of the /etc/cacao/instances/default/ directory.
    phys-schost-1# tar cf /tmp/SECURITY.tar security
  4. Copy the /tmp/Security.tar file to each of the cluster nodes.
  5. On each node where you copied the/tmp/SECURITY.tar file, extract the security files.

    Any security files that already exist in the /etc/cacao/instances/default/ directory are overwritten.

    phys-schost-2# cd /etc/cacao/instances/default/
    phys-schost-2# tar xf /tmp/SECURITY.tar
  6. Delete each copy of the tar file to avoid security risks.

    You must delete each copy of the tar file to avoid security risks.

    phys-schost-1# rm /tmp/SECURITY.tar
    phys-schost-2# rm /tmp/SECURITY.tar
  7. On each node, start the security file agent.
    phys-schost# /usr/sbin/cacaoadm start