SSL VPN
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
player
Contributor
Posts: 138
Registered: ‎03-17-2008
0

digital certificate on cluster

Options

‎04-11-2011 01:57 AM

hi all,

 

i'm running a pair of 4500 active/passive cluster, and would like purches digital certificate,

do i need one for the VIP IP address or one per machine ?

 

what will be client exprience when failover occures in aspect to digital certificate?

rock the boat , dont sink the ship
Message 1 of 2 (235 Views)
 
Reply
Trusted Contributor
NULL
Posts: 95
Registered: ‎11-27-2010
0

Re: digital certificate on cluster

Options

‎04-11-2011 02:58 PM

Dear Player,

 

first over all you need only 1 Certificate for the Domain-Name which points to the VIP-IP.

 

Also i would recomend that your going to build your csr (certificate signing request) with an open-ssl implementation (offline), so you can also specify the complexity of your private key + bit lenth 2048!

 

regarding to your question about the client experience, they won't notice anything as the certificate is name based.

 

regards

 

NULL

Message 2 of 2 (225 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.