Distributing Certificates and Keys
Before you can distribute certifications and keys to all hosts in a cluster, you must obtain the appropriate certificate signed by a certificate authority (CA) and private key files. See SSL Overview.
To distribute certifications and keys to all hosts in a cluster:
-
Log on to a host that contains the certifications and keys you want to distribute.
- Start the Administration Tools, as described in Using the Administration Tools
Note: The database does not need to be running when you distribute the certificates and key files.
- On the Main Menu in the Administration Tools, select Configuration Menu, and click OK.
- On the Configuration Menu:
- Select Distribute Config Files, and click OK.
- Select SSL Keys, and click OK.
- Select the database on which you want to distribute the files and click OK. The following appears:
-
[Optional] Modify the fields in the previous screenshot to add the file locations for the
server.crt
,server.key
androot.crt
files, and click OK to distribute the files.Admintools sets the parameters SSLCertificate, SSLPrivateKey, and, if applicable, SSLCA. See Security Parameters.
- If you are upgrading to 7.1, the SSLCertificate and SSLPrivateKey parameters are automatically set by Admintools if you set EnableSSL=1 in the previous version.
- If your server.crt SSL certificate file includes certificate chain (more than one certificate), Admintools accepts the whole chained certificate.
- Configure SSL.