Topic Last Modified: 2012-10-20

Certificate requirements for a Director with a hardware load balancer will use a default certificate that has a subject name and subject alternative names for services that the Director pool can receive. A certificate is requested for each Director in the pool. Additionally there is an OAuth Token certificate for server to server authentication purposes that is installed on each server.

Certificates for a Scaled Director Using a Hardware Load Balancer

Component Subject name (SN) Subject alternative names (SAN) Comments


(Optionally) *

Director certificates can be requested from either an internally managed certification authority (CA) or from a public CA.

The Director responds to requests from the reverse proxy in the perimeter or from the Edge Server.

Or, a wildcard entry for the simple URLs


No Entry

Note that the minimum key length is 1024, but you may receive a warning that the minimum recommended key length is 2048 bits.

The OAuthTokenIssuer certificate is a single-purpose certificate for the purpose of authenticating servers in a large-scale environment, and can be requested from an internal CA or from a public CA. The certificate is required.