Encrypting the connection to the failover cluster

To connect securely to the running management server, the remote servers must trust all nodes.

To enable encryption between the management servers and the remote servers, you must install the following certificates on all nodes:

• The public CA certificate

• The SSL certificate for the failover cluster

To learn how to generate and install certificates, see the XProtect VMS certificates guide.

To enable encryption for a new VMS installation, you must:

1. Create a private and a public CA certificate.

2. Install the public certificate on the hosts where you have installed a VMS client component.

3. Create an SSL certificate for the failover cluster that includes the node name and the address of the cluster.

4. Install the SSL certificate for the failover cluster on the nodes.

5. Enable encryption for the Management Server service on the nodes.

6. Create and install certificates on the hosts where you installed a VMS server component.

7. Enable encryption on the hosts where you installed a VMS server component.