Encrypting the connection to the failover cluster

To connect securely to the running management server, the remote servers must trust both Node 1 and Node 2.

To learn how to generate and install certificates, see the XProtect VMS certificates guide.

To enable encryption between the management servers and the remote servers, you must install on both nodes:

• The public CA certificate

• The SSL certificate for the failover cluster

Do not enable encryption on the management server if you have already configured the failover cluster.

If you want to enable encryption for a new VMS installation, you must:

1. Create a private and a public CA certificate.

2. Install the public certificate on all client computers.

3. Create an SSL certificate for the failover cluster.

4. Install the SSL certificate for the failover cluster on Node 1 and Node 2.

5. Enable encryption for the Management Server service on both nodes.

6. Create and install certificates on the remote servers.

7. Enable encryption on the remote servers.