Pulse Secure formerly SSL VPN
Posts: 138
Registered: ‎03-17-2008

digital certificate on cluster

hi all,


i'm running a pair of 4500 active/passive cluster, and would like purches digital certificate,

do i need one for the VIP IP address or one per machine ?


what will be client exprience when failover occures in aspect to digital certificate?

rock the boat , dont sink the ship
Trusted Contributor
Posts: 123
Registered: ‎11-27-2010

Re: digital certificate on cluster

Dear Player,


first over all you need only 1 Certificate for the Domain-Name which points to the VIP-IP.


Also i would recomend that your going to build your csr (certificate signing request) with an open-ssl implementation (offline), so you can also specify the complexity of your private key + bit lenth 2048!


regarding to your question about the client experience, they won't notice anything as the certificate is name based.





Copyright© 1999-2015 Juniper Networks, Inc. All rights reserved.