Do Integration Servers in a Cluster Need Their Own Certifica

Or can they both be configured with the same certicate?

Yes. They can use the same certificate.

A different opinion was offered on wmusers. Now I am in doubt.

We use the same certificate which is tied to the cluster IP address and cluster DNS. This works well. May not be absolutely “correct”, but it works.

There are reasons for each server to have their own certificate… but for most common configurations with a cluster involved, if the client connects to the cluster via a virtual IP (or a DNS entry that hits the virtual) then each server can share the same certificate. Create the certificate based on the virtual name or the dns entry that points to the virtual IP, install it on all the servers in the cluster - then you only have to provide one cert to the client.

The client isn’t going to authenticate to one particular server - it is authenticating to the cluster, as such - each server in the cluster should have a shared certificate.

Hi Craber,

I agree with the view of Richard.

webMethods cluster function as single entity, meaning they represent one enterprise and hence allow using same certificate for both servers in cluster. We have successfully configured this in our environment and it is fully functional.

You may see this from this perspective, that is, if different certificate configured, it would mean different entities which is not the purpose of cluster.

Note: Craber, I have posted this reply to the thread you referred to.