Jump to: navigation, search

Securing High Availability Connections

This section describes how to configure secure connections between primary and backup servers in a high-availability (HA) configuration.

See Supporting Components for information about components that support HA configurations. For information about setting up an HA environment for these Genesys components, see the corresponding product documentation.

Securing Connection Between Configuration Servers Configured as HA Pair

Configuration Servers can only communicate securely when both configured with their default ports in auto-upgrade mode. Follow the instructions for configuring Configuration Server (for port) and Configuring client of Configuration Server (for certificates and other parameters when Configuration server instance is playing client role). Configuration of both instances in HA pair must be identical.

Securing Connection Between Genesys Servers Configured as HA Pair

The HA synchronization connection is configured by selecting the HA sync check box in the Port Info dialog box of a specific port. This indicates that the port will be used by the former primary server to connect to the new primary server after a failover. If the HA sync check box is not selected, the former primary server will connect to the default port of the new primary server.

Genesys does not recommend using the ports with the port-level assigned certificates for an HA synchronization connection between redundant servers. The secure connection should be configured on a host or application level instead.

To configure TLS on each component in the HA pair:

  1. In the Server Info section on the Configuration tab of the properties of both the primary and backup servers in a redundant pair, create a new port with the same ID, and with Select Listening Mode set to Secured.
    When multiple ports are configured for a server in a Hot Standby redundancy pair, their IDs and the Select Listening Mode settings of the primary and backup servers must match respectively.
  2. In the Port Info dialog box of each server, click OK to save the new configuration. Then, in the Configuration tab of each, click Save.
  3. In the Listening Ports table of each server, select the port that you just created, and click Edit.
  4. In the Port Info dialog box, select the HA sync check box, and click OK.
  5. Click Save & Close, Save, or Save & New, as appropriate, to save the configuration changes.
This page was last modified on December 22, 2016, at 14:38.


Comment on this article:

blog comments powered by Disqus