← Back to team overview

maria-discuss team mailing list archive

Galera with stunnel for rsync sst method



Can someone point out or help with a step by step guide to setting up Galera to use stunnel for rsync sst?

I was following the instructions here:


and my main doubts are:

1. Does stunnel itself have to be configured and if so is it the same configuration on all galera nodes?

2. Does stunnel have to be running as a service on any of the galera nodes?

3. Does the configuration shown in the galera documentation

tkey = /etc/my.cnf.d/certificates/client-key.pem
tcert = /etc/my.cnf.d/certificates/client-cert.pem

have to be done on all the galera nodes?

4. Do the above key and cert have to be the same (or have to be different) on all galera nodes?

5. more of a stunnel question, but following the link from the galera documentation to the stunnel documentation for certificate generation,


I got stuck on this command which no longer works on openssl

openssl gendh 2048 >> stunnel.pem

Any idea on what has replaced it?

Thanks for any help.