Each edge server requires a certificate for MTLS communication with internal servers. Specific requirements differ with each edge server and the topologies in which they are deployed. For more information about edge server certificate requirements, see the Planning for External User Accessin the Planning and Architecture documentation.

For the A/V Edge service, an additional certificate is required for audio/video authentication. The private key of the A/V authentication certificate is used to generate authentication credentials. As a security precaution, you should not use the same certificate for A/V authentication that you use for the internal interface of the A/V Edge service (covered earlier in this guide). We recommend that you issue this certificate from an internal CA, but you can also use a certificate from a public CA.