In environments where SSH Tectia Manager is used to publish a Certificate Revocation List (CRL), any unavailability of the CRL can cause the client/server environment to cease operations. It is recommended that the CRL is published on an external host, which is guaranteed to be available through a high-availability setup.

When SSH Tectia Manager is used to manage host certificate authentication and to publish CRLs, the Management Server availability becomes critical. In other cases, SSH Tectia Manager is not a single point of failure for the SSH Tectia environment – if the Management Server becomes unavailable, normal operations and connections between SSH Tectia Clients and Servers will continue, but configuration updates, new software deployments or upgrades, and other management operations will not be available.

If high availability of the Management Server is required in your environment, it can be set up as follows. Note that high availability does not imply load balancing.