Encryption considerations

If you want to encrypt the connection between the failover cluster nodes and other VMS components, you must consider the following:

• VMS certificates - To encrypt the connection to and from the running management server, you must install the CA certificate and an SSL certificate on both nodes. See Encrypting the connection to the failover cluster.

• Failover certificates - The failover cluster communicates with the failover web console through HTTP or HTTPS. You can use your own certificate or let the configuration wizard generate one for you. See Server certificate for the failover web console and Use custom server certificates for communication with the failover web console.

• Identity Provider - To ensure that users can log in to the running management server, you must set up data protection and update the data protection keys. See Update the data protection settings for Identity Provider.