Encryption considerations

If you want to encrypt the connection between the failover cluster nodes and other VMS components, you must consider the following:

• VMS certificates - To encrypt the connection to and from the running management server, you must install the CA certificate and an SSL certificate on both nodes. See Encrypting the connection to the failover cluster.

• Failover certificates - The failover cluster communicates with the failover web console through HTTP or HTTPS. During the failover cluster configuration, you select the connection protocol. If you select HTTPS, the wizard generates a server certificate that encrypts the connection to the failover web console. See Server certificate for the failover web console.

• Identity Provider - To ensure that users can log in to the running management server, you must set up data protection and update the data protection keys. See Update the data protection settings for Identity Provider.