Today we visited the datacenter again to return the newly installed backup machine webdb2 and verify some settings on the signer machines.
While we were onsite, we updated neary all critical machines (including our main firewall), which caused outages of some minutes of our services.
After all updates were done we ran some tests including issuing Class1 and Class3-certifcates (client and server). A minor isse with crl-server (not running the rsync-service) was corrected afterwards remotely.
Both signers are now communicating with their webdb-servers. In the next days we’ll set up an automatic backup of webdb1 to webdb2 so webdb2 can fully replace webdb1 in case of a failure, which could not be corrected remoted.