04-11-2011 01:57 AM
i'm running a pair of 4500 active/passive cluster, and would like purches digital certificate,
do i need one for the VIP IP address or one per machine ?
what will be client exprience when failover occures in aspect to digital certificate?
04-11-2011 02:58 PM
first over all you need only 1 Certificate for the Domain-Name which points to the VIP-IP.
Also i would recomend that your going to build your csr (certificate signing request) with an open-ssl implementation (offline), so you can also specify the complexity of your private key + bit lenth 2048!
regarding to your question about the client experience, they won't notice anything as the certificate is name based.