Using the TLS protocol with IP routing load balancing
Complete the configuration to run TLS SIP traffic through IP routing load balancing.
- Routing TLS SIP traffic through an IP routing Load Balancer
To run TLS SIP traffic through an IP routing Load Balancer, first enable SNAT (Secure Network Address Translation) and apply it to the virtual servers. Then configure the WebSphere® SIP proxy server to use the same SSL certificates as the IP routing Load Balancer. - Setting up IP routing load balancing between clients and virtual servers
Setting up SNAT (Secure Network Address Translation) allows you to provide load balancing for client and virtual server connections, even if the IP routing load balancing is not set as the default route. Without SNAT, you run the risk of communications disruptions if TCP connections bypass the load balancing system. - Configuring SSL certificates for WebSphere SIP proxy servers for use with the IP routing Load Balancer
To enable TLS SIP Traffic, you must configure the WebSphere SIP proxy server to use the same SSL certificate as the IP routing Load Balancer. - Importing the IP routing Load Balancer public key to the WebSphere key stores
The public key from the Certificate Authority must be shared by the IP routing Load Balancer and the WebSphere SIP Proxy server to allow TLS SIP connections. - Requesting a personal certificate for the Deployment Manager from the Certificate Authority
The WebSphere Application Server deployment must have a personal signed certificate from the same Certificate Authority as the IP routing Load Balancer to enable TLS SIP traffic. - Signing the personal certificate request using the Certificate Authority
The Certificate Authority needs to sign the personal certificate request. - Importing the signed certificate to the Deployment Manager
The WebSphere Deployment Manager needs the personal signed certificate transferred back to its key store. - Configuring the WebSphere SIP proxy servers to use the signed certificate
Public and personal signed certificates from the Certificate Authority that are used by the IP routing Load Balancer must be associated with WebSphere SIP proxy servers being used for TLS SIP connections.
Parent topic: Deploying IP routing load balancers