CPPM 6.8 - CLUSTER CONFIGURATION USING CERTIFICATES
In 6.8, for enhance cluster security introduce https and database server certificate which role play vital role between cluster nodes.
Https server Certificate validation – It is mandatory that nodes (subscriber’s) should trust https certificate of publisher node. It should be present in CPPM nodes trust list before configure cluster.
In order to adhere best practice https server certificate is signed by public Certificate Authority, which includes all nodes FQDN name in subject alternate name (SAN) field.
Database server Certificate – This is new certificate type in 6.8 to enhance security in the cluster replication between the cluster’s nodes. It should be present in CPPM nodes (subscriber’s) trust list before configuration cluster.
In order to adhere best practice, do not use self-sign CPPM database server certificate instead of that signed database severe certificate by internal/external Certificate Authority
created by: @jibincr