Now when I start chronyd -d on the server it runs without errors. I made it owned by theĬhrony user: server# chown chrony /etc/certs/* The error was caused by the permissions on /etc/certs/chrony.key, Using right/UTC timezone to obtain leap second data Could not set credentials : Error while reading file. Frequency 0.765 /- 3.876 ppm read from /var/lib/chrony/drift I started the server in debug mode to test it out and saw an error I configured the server like this: pool 2. iburst Server# openssl req -x509 -nodes -newkey rsa:4096 \ I started by generating a self-signed certificate for use by the server: server# cd /etc/chrony Is the certificate used by your NTS server trusted by your client? I tried to reproduce your configuration and I was able to get things working. When checking the capture, it seems that the server terminates the connection after receiving the client hello: TLS handshake with 192.168.11.29:4460 (server1) failed : The TLS connection was non-properly terminated. chronyd version 4.2 starting ( CMDMON NTP REFCLOCK RTC PRIVDROP SCFILTER SIGND ASYNCDNS NTS SECHASH IPV6 DEBUG) Sync test: ~]# chronyd -Q -t 3 'server server1 iburst nts maxsamples 1' Server server1 iburst ~]# cat /etc/chrony.keys Any idea what the issue might be? Below is the server and client config: However, when I enable NTS, and configure the server to use certificate, the sync is failing. Without NTS everything is fine and the time is being synced. I have configured Chrony server and client on two Centos 9 Stream machines.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |