Redundancy and genuine certificates

diat150 · April 5, 2011, 9:17pm

My customer has a question about the genuine SSL certificate on the backup server. Obviously you will need a second certificate and it will have a little bit different information on it, like IP addresses and names.

What happens if a user is logged on to the master application during a failure? They should swap over to the backup, but what happens if they have never downloaded the certificate from the backup server?

So I guess we need some clarification on what happens during the failover process if we are using SSL with genuine certificates.

diat150 · April 7, 2011, 2:31pm

I got my two servers up yesterday and was able to test this a little bit. It looks like a user will not be prompted to download the certificate from the backup server if they were connected to the master already when the failover occured. If a new client tries to connect while the master server is down, they will be prompted to download the certificate from the backup server.

jim_lapratt · April 7, 2011, 3:23pm

That is good to know.

Carl.Gould · April 13, 2011, 2:22am

Yeah the SSL cert prompting is part of the browser, so once the client is launched it does it behind the scenes.