Running "sync ha files ssl" Does Not Delete Files from Secondary NetScaler

Running "sync ha files ssl" Does Not Delete Files from Secondary NetScaler

book

Article ID: CTX200422

calendar_today

Updated On:

Description

When you run the command "sync ha files ssl", files which are not present on the primary appliance are not deleted from the secondary appliance.

The certificate file which is deleted through the shell prompt on primary NetScaler (in the directory /nsconfig/ssl/) is not deleted on the secondary NetScaler after running the command "sync ha files ssl".

Resolution

To resolve this issue run the command sync ha files. This command will only add/append files which are not present on the secondary NetScaler.

Problem Cause

After the "add SSL certkey" command is triggered, the corresponding certificate/key is stored in memory. Any processing which requires the certificate/key will take place in memory. So even if you remove the certificate/key after a successful add operation, it is not going to take effect until you reboot the NetScaler appliance (reapplying the configuration).

In case of High Availability setup even after reboot/failover the certificate/key is not removed from the appliance because the reboot/failover sync is triggered to maintain the NetScaler in working state.

Issue/Introduction

When you run the command "sync ha files ssl", files which are not present on the primary appliance are not deleted from the secondary appliance.

Additional Information

CTX138748 - File Synchronization in a NetScaler High Availability Setup

Powered by Wolken Software