Certificate management and replication
In Replication, the Server is the Target engine and the Client is the Source engine.
Enabling server authentication
To enable Server Authentication, do the following:
Replace the desired certificate for DSP (Delphix Session Protocol) in the Target engine KeyStore. For more details, refer to KeyStore Settings
Add the full CA chain of the replaced certificate from the Target engine to the TrustStore on the Source engine. The CA chain must match on both engines. For more details, refer to TrustStore Settings
Select the option Perform Server (target engine) authorization for Replication for both Target and Source engines.
Enabling client authentication
To enable Client Authentication, enable Server Authentication (refer to above steps), then do the following:
Replace the desired certificate for DSP in the Source engine KeyStore. For more details, refer to KeyStore Settings
Add the full CA chain of the replaced certificate from the Source engine to the TrustStore on the Target engine. The CA chain must match on both engines. For more details, refer to TrustStore Settings
Select the option Perform Client (source engine) authorization for Replication for both Target and Source engines.
Once the configurations have been set as desired, you will be presented with a summary page. Clicking Submit will trigger a stack restart as that is necessary for the configuration changes to take effect. Note: all jobs will be stopped, but VDBs will continue to run.