CipherTrust Manager Clustering Error
In this blog, we’ll discuss the issues of clustering encountered during CipherTrust Manager installation and configuration.
- A generic connection error occurred while creating the cluster. This type of error typically occurs when the host is invalid. Please retry using a valid IP or hostname. Code 8: NCERRInternalServerConnectFailed
- Failed self-connection check. This type of error typically occurs when the host is invalid. Please retry using a valid IP or hostname. Code 8: NCERRInternalServerConnectFailed
Let’s consider that we have 4 CipherTrust Manager nodes (thales01.ec.com, thales02.ec.com, thales03.ec.com, thales04.ec.com) to add to a cluster. As per the procedure, we’ll have to select one of the nodes to create a cluster and, after that, add all the remaining nodes to that cluster. Usually, we have two options for calling out each of the appliances.
We can either mention the hostname of the CipherTrust manager or the IP address. It is, however, recommended to use the hostname instead of the IP address from a networking standpoint. The errors mentioned above are encountered during the cluster creation process when the hostname of the CipherTrust Manager is entered.
The primary reason for these errors is that the CipherTrust Manager cannot recognize the hostname. A user might encounter this issue despite setting up a DNS and a proper hostname.
Let us assume we are creating a cluster from thales01.ec.com and adding all other nodes from this server. To resolve this error, please follow the below-mentioned steps:
On thales01.ec.com, navigate to DNS hosts under Admin settings.
First, add all 4 CipherTrust Manager hostnames.
Navigate to clustering and try creating the cluster again with the hostname of the primary node (thales01.ec.com).
After creating a cluster, we will add other nodes by using their hostname from thales01.ec.com. To complete this process successfully, we’ll first have to add the primary node (thales01.ec.com) on each of the secondary nodes (thales02.ec.com,thales03.ec.com, thales04.ec.com) and then add the secondary node itself
under Admin settings-> DNS Hosts. The concept behind adding the same is for both nodes to recognize themselves as well as each other.
Once the cluster is created, all the nodes have been added, and the testing has been completed, you can delete all the DNS hosts added on each of the CipherTrust Manager appliances and check that clustering is functioning properly.