Encrypting the connection to the failover cluster

To connect securely to the running management server, the remote servers must trust both the primary and secondary computers.

To learn how to generate and install certificates, see the XProtect VMS certificates guide.

To enable encryption between the management servers and the remote servers, you must install on the primary and secondary computers:

• The public CA certificate

• The SSL certificate for the failover cluster

Do not enable encryption on the management server if you have already configured the failover cluster.

If you want to enable encryption for a new VMS installation, you must:

1. Create a private and a public CA certificate.

2. Install the public certificate on all client computers.

3. Create an SSL certificate for the failover cluster.

4. Install the SSL certificate for the failover cluster on the primary and secondary computers.

5. Enable encryption for the Management Server service on the primary and secondary computers.

6. Create and install certificates on the remote servers.

7. Enable encryption on the remote servers.