Redundant TLS-Protected Servers

If you want redundant TLSClosed Transport Layer Security-protected VIC servers, you can use one of the following options:

  • One certificate per server, in the case that each server uses a different URL.

For example, if you had two servers named vtscada1.countyscada.com and vtscada2.countyscada.com, then you will need one X.509 certificate per server name.

Each server has its own certificate installed and the server list contains both server names.

  • You can use a wildcard X.509 certificate (which costs more) and install the same certificate on both servers. Do this if you need to increase the number of servers, while continuing to use the same certificate.
  • One certificate installed on multiple servers, in the case that the URL resolves to a networking device and that networking device automatically detects failure of one server and port forwards new connections to the other server or contains some sort of load balancer.