By default, the network Interface used for replication between Encryption Management Server cluster members is Interface 1.

During the installation of Encryption Management Server, a self-signed TLS certificate is generated automatically and assigned to Interface 1.

If you need to use a different Interface for replication, you must manually edit the /etc/ovid/prefs.xml configuration file from the command line.

If the network Interface used for replication does not have a TLS certificate associated with it, replication will fail.

Symantec Encryption Management Server release 3.4.2 and above.

Always ensure that the network Interface used for replication in a clustered environment has a TLS certificate associated with it.

Do not remove the certificate even temporarily or replication will immediately fail.

Please try to use Interface 1 for replication. If you need to use a different interface, please open a Technical Support case.