Table of Contents
Advertisement
Configuring Multiple ACE Management Server Instances
to Use SSL
You might configure multiple ACE Management Server instances to use SSL in the
following scenarios:
Multiple servers behind one or more proxy servers:
Each server can have its own SSL key and certificate (ACE Management
Server and proxy server).
The cert_chain file must contain the certificate file and verification chain for
the SSL certificates that the proxy servers are using. Place this cert_chain file
in each ACE Management Server.
When self‐signed certificates are being used, the actual certificate is the
verification chain. The chain file contains each self‐signed certificate being that
the proxies are using.
You can also use the same key and certificate for every server and proxy. In this
case, you do not need to create a cert_chain file.
Each certificate must have a unique common name.
Multiple servers using DNS round robin:
Each server can have its own SSL key and certificate (ACE Management
Server and proxy server).
The cert_chain file must contain the certificate and verification chain for
every certificate that the servers use. Place this certificate chain file in each
ACE Management Server.
When self‐signed certificates are being used, the actual certificate is the
verification chain. The chain file contains each self‐signed certificate that each
of the servers is using.
You can use the same key and certificate for every server. In this case, you do
not need to create a cert_chain file.
See also "Load‐Balancing Multiple ACE Management Server Instances" on
page 51.
VMware, Inc.
Chapter 7 Troubleshooting and Maintenance
73
Advertisement
Table of Contents
