You can modify the SSL Settings for a cluster or enable/disable the SSL settings for a particular cluster by following these steps:
- On the ScaleArc dashboard, locate the Status column and click on the Cluster Settings button.
- Click on the SSL tab in the Cluster Settings dashboard. Use this screen to edit/delete client and server SSL certificates you uploaded when you created the cluster.
-
Enable or disable SSL settings for a particular cluster using the SSL Authentication Offload toggle switch.
Note: Any modification to the SSL Authentication Offload option requires a cluster restart. -
Configure the remaining options as described below:
Field Description User input SSL Authentication Offload Establishes secure connection between the client and the server via ScaleArc.
Important: As a prerequisite, if a SQL client needs to initiate full encryption with ScaleArc's SSL-enabled cluster, ScaleArc's inbound IP should be reverse resolvable to the hostname entry in certificate uploaded on the ScaleArc cluster.
Enabling SSL Authentication Offload requires you to upload a certificate and a key pair prior to enabling the setting.
Select OFF or ON button. ScaleArc as Server SSL Offload enablement requires you to upload a certificate and a key pair. - Click Edit>Browse to upload Server certificate.
- Click Browse to upload Server key.
Validate client Enables ScaleArc to validate clients connecting to ScaleArc, based on the issuer. Enable this option to upload and save the appropriate CA certificate. Validity
Issued on:
Expires on:Issue and expiration dates for the certificate. Upload the certificate to see the dates. Force Data Encryption Forces all connections to be fully encrypted. Select/deselect checkbox. ScaleArc as Client ScaleArc connects to the SQL Server using client certificates. Validate Server Enables ScaleArc to validate DB server communication and upload the appropriate CA certificate. Enable this option to upload and save the appropriate CA certificate. Validity
Issued on:
Expires on:Issue and expiration dates for the certificate. Upload the certificate to see the dates.