[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Antw: Re: Secure replication



Ulrich Windl wrote:
> I have a related question: Can you have different certificates, depending on
> "Normal use" and replication? I guess no, so if you use a load balancer, you'll
> have a problem with every server having a different cert (This is how I reaed
> your message).

Didn't we discuss that before?

When running different replicas which terminate TLS themselves you can issue a different
server cert with distinct subject-DN for each of them and put FQDN(s) of the same HA
address(es) (e.g. of your load-balancer(s)) into subjectAltName extension in all these
different server certs.

Does that answer your question?

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature