Certificate Authorities in a Geographic Redundancy setup

In System Manager configured with Geographic Redundancy, the system replicates the CA certificate from the primary System Manager server to the secondary System Manager server. By default, the primary System Manager server, the secondary System Manager server and their elements are part of the same trust domain. For the initial trust relationship, during the configuration, the secondary System Manager server uses the Certificate Enrollment password that is set on the primary server. The primary System Manager server issues a certificate to the secondary System Manager server.

When the secondary System Manager server is active, do not configure System Manager as a sub CA.