Ulrich Windl wrote: >> I use a cert with the VIP used by clients, and the hostnames used between >> the servers all setup in the subjectaltname of the certificate. > > But this "solution" does not scale well when adding or removing servers... Why does it not scale? If you have an individual cert for each server with the VIP DNS name in subjectAltName you can just add servers as needed. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature