Ulrich Windl wrote: > I have a related question: Can you have different certificates, depending on > "Normal use" and replication? I guess no, so if you use a load balancer, you'll > have a problem with every server having a different cert (This is how I reaed > your message). Didn't we discuss that before? When running different replicas which terminate TLS themselves you can issue a different server cert with distinct subject-DN for each of them and put FQDN(s) of the same HA address(es) (e.g. of your load-balancer(s)) into subjectAltName extension in all these different server certs. Does that answer your question? Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature