[ntp:questions] Problem using ntp autokey with the trusted certificate identity s cheme

Steve Kostecke kostecke at ntp.org
Mon Feb 9 21:59:25 UTC 2009

On 2009-02-04, Bartholome, Alain <alain.bartholome at eads.com> wrote:

> I am currently trying to run the ntp autokey protocol with the Trusted
> Certificate identity scheme.

You may find the information at
http://support.ntp.org/Support/ConfiguringAutokey to be helpful.

> I use 3 systems (serverT1, server2,server3) all running ntp-4.2.4p6 on
> windows 2003.

This means that the debate about ntp-stable vs ntp-dev is not relevant
to your case. Just remember that the documentaion at
http://www.eecis.udel.edu/~mills/ntp/html/ is for ntp-dev; see
http://doc.ntp.org/ or the ./html/ directory in the release tarball for
your version for the documentation applicable to that version.

> 1)The stratum 1 system , serverT1  is trusted.

> 2) serveur server2 is not trusted , synchronization is successful with
> serverT1

> 3) server3 is not trusted and should synchronize with server2

> server3 does not synchronize with server2

The problem here is that you want to operate _two_ trust groups:

server2 trusts serverT1
server3 trusts server2

Server3 needs to be able to trust server2. Try regenerating the
paramters on server2 using '-T'.

Steve Kostecke <kostecke at ntp.org>
NTP Public Services Project - http://support.ntp.org/

More information about the questions mailing list