By default, all connections between the Distributed DDNS components are encrypted using preconfigured certificates and private keys. If required, you can configure and deploy your own custom certificates and private keys to be used in the Distributed DDNS system.
The default root CA contains the following information:
Issuer: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = RootCA Validity Not Before: Sep 7 11:08:03 2020 GMT Not After: Jan 9 11:08:03 3020 GMT Subject: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = RootCA
Other certificates are generated at the time of deployment of each component. The generated certificates contain the hostname and all IP addresses on that host, and is signed by the default CA. The certificate generation occurs for the following components:
- The Distributed DDNS Application Node UI. This is used for client authentication between the Distributed DDNS Application Node UI, Service Nodes, and Data Nodes.
- The Distributed DDNS Database server. This is for communication between the client and server, including Data Nodes.
- The API service on the Distributed DDNS Data Nodes.
- The API service on the Distributed DDNS Service Nodes.