Encrypting Multi-AZ HA Cluster Communication

Encrypting Multi-AZ HA Cluster Communication

CloudBasic RDS AlwaysOn/Geo-Replicate for SQL Server HA/DR version 8.0 and above features encrypted communication between Multi-AZ High-Availability Cluster instance members. HTTPS/TLS 1.2 communication is handled over port 444.

In order to configure encrypted communication between HA Cluster members, install a self-signed or signed by a CA certificate on both cluster member instances (see below for instructions) and select the "(444, https ..)" option:


To install a certificate, RDP to the server, install your certificate into the trusted certificate storage, open the IIS manager, select RDS365_WS, then select binding, add https on port 444, select your certificate.

This is one example of how you can create a self-signed certificate using a PowerShell script:

RDP to the CloudBasic server, then execute below PowerShell command. 
A self-signed certificate will be created with default parameters, placed in certificate storage,
and available for selection under IIS/RDS365_WS=>Binding

C:>PowerShell
PS> New-SelfSignedCertificate -certstorelocation cert:localmachinemy -dnsname cloudbasic.internal

For more information, visit: 
https://technet.microsoft.com/itpro/powershell/windows/pkiclient/new-selfsignedcertificate