you can roll out a single certificate authority into as many clusters as you want. There is no need to have a separate CA for each cluster.
Thanks Andre, in which way? is it possible via GUI?
I wonder if we are talking about the same thing. You want to import the Root CA for the SSL Scanner -> Set Client Context, e.g. the certificate which is used to sign the server certificates MWG creates when SSL Scanner is enabled and a user accesses an HTTPS website, right?
If so you will have the CA you want to import a two files, the certificate, the private key and most likely a passphrase. Now go to any node of a MWG cluster, open the SSL Scanner rule set, open the Enable Client Context setting, click import and provide the information MWG requires, e.g. the certificate, key and passphrase. Click Save Changes and the CA will be used on all nodes of this central management cluster from now on.
Do the same thing on all clusters (=Central Management) you have.
If you are talking about something else please let me know :-)
yes is right!
thanks a gain