In this section we will briefly explain an overview of PSC 6.5 HA
Overview of PSC 6.5 HA
- In the above diagram we have two PSC nodes behind a Load Balancer.
The PSC Nodes must exist in the same SSO Domain and also in the same Site. Any other PSCs in the same SSO Domain should exist in a separate site.
- Ports 389, 636, 443, 2012, 2014 and 2020 are created as VIP Endpoints on the Load
- A single shared Machine SSL Certificate will be used for both PSC Nodes. This certificate must contain both PSC Node FQDNs and also the PSC HA VIP FQDN.
- There is no SSL Certificate on the Load Balancer – this means the SSL Session will be
passed through to the target PSC. Previously PSC HA 6.0 would terminate the SSL session at the Load Balancer and create a new SSL Session from the Load Balancer to the target PSC.
- All solutions that interact with a PSC must be pointed/registered via the PSC HA VIP
- Requests from solutions will be sent to the PSC HA VIP and the Load Balancer will direct these requests to a PSC. All requests from the same session should be “sticky” to the same PSC.