Encrypting Multi-AZ HA Cluster Communication


Documentation Index


API Documentation:

Encrypting Multi-AZ HA Cluster Communication

CloudBasic RDS AlwaysOn/Geo-Replicate for SQL Server HA/DR version 8.0 and above features encrypted communication between Multi-AZ High-Availability Cluster instance members. HTTPS/TLS 1.2 communication is handled over port 4431 (444 in versions 8 and 9; 4431 in version 10 and above).

In order to configure encrypted communication between HA Cluster members, install a self-signed or signed by a CA certificate on both cluster member instances (see below for instructions) and select the "(444/4431, https ..)" option:

To install a certificate, RDP to the server, install your certificate into the trusted certificate storage, open the IIS manager, select RDS365_WS, then select binding, add https on port 444, select your certificate.

This is one example of how you can create a self-signed certificate using a PowerShell script:

RDP to the CloudBasic server, then execute below PowerShell command. 
A self-signed certificate will be created with default parameters, placed in certificate storage,
and available for selection under IIS/RDS365_WS=>Binding

PS> New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname cloudbasic.internal

For more information, visit: