Proxy Auth certificates in a firecluster?

~Jon S~Jon S
in Firebox - FireCluster

I cannot find a definitive answer as to which proxy authority certificate is used in a fire cluster. If I am going to distribute via AD GPO, do I need to distribute both or just the primary? We always use active\passive, so there is always a primary box.

Thanks!
~Jon

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi Jon,

    The cluster members sync what cert they use. Whatever one the current master is using is the one you'll want to download for content inspection.

    -James Carson
    WatchGuard Customer Support

  • ~Jon S~Jon S

    OK, so when the cluster fails over, the certs wont change?

    Thanks James.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    If the cluster is replicating properly the certificates won't change. Check the cluster health scores in the status report (in FSM) if you want to check. They should all be 100.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.