You have setup two DSAs on a two separate nodes in MW-DISP recovery replication. Making sure the initial data set is identiacal and still replication is not working, revealing following messages in the log files:
** In warn log:
WARN : Supplied DN 'cn=abc,ou=def,o=The company-name,l=Citi-name,st=State-name,c=US' matches no remote DSA
** In alarm log:
DSA_E2735 Multiwrite-DISP: Unable to synchronize with peer 'xxxxxxdsanamexxxx'
Release : 14.1
The problem is related to your custom certs (.pem files) for your DSAs that are in DXHOME/config/ssld/personalities folder while at the same time to use the certs you have configured 'ssl-auth' in your DSA's KNOWLEDGE .dxc file as part of 'auth-levels' parameter.
The DSA certs must have the 'subject' matching the 'dsa-name' paramter that you have in KNOWLEDGE .dxc file.
i.e. you may have:
set dsa "democorp" =
{
prefix = <c au><o democorp>
dsa-name = <c au><o democorp><cn "democorp">
dsa-password = "secret"
address = ipv4 "hostname" port 12345
disp-psap = DISP
snmp-port = 12345
console-port = 12346
auth-levels = anonymous, clear-password, ssl-auth
trust-flags = allow-check-password, trust-conveyed-originator, trust-dsa-triggered-operations
};
Soultion would be to either....
1) Temporarily remove 'ssl-auth' from the 'auth-levels' paramter and restart the DSAs.
2) While the above will work, you can work on obtaining new certs where the 'subject' of the certificate is matching what the 'dsa-name' is defined with. Once put in place, add 'ssl-auth' back in the configuration file and you will be good to use SSL protocol.