Skip to main content
Skip table of contents

Security Groups

Galera replication uses the following port for communication:

  • 443 - For TLS connections between the CA and the RA/VA.

To create a security group that allows for TLS traffic within the VPCs, follow the steps below.

In this example, the VPC internal address space is 172.16.0.0/16 in US-East-1 and the address space in US-East-2 is 172.31.0.0/16.

  • Create a Security Group called "TLS 443 Traffic to US-East" with the following rules:



This will allow any connections outbound to any address and any inbound connection on port 443 from any address on the 172.16.0.0/16 and 172.31.0.0/16 subnets. The same rule in the other VPC will also need the same rule configured. These rules may be tightened as required for the organization.

  • To apply these Security Groups to the EJBCA Enterprise Cloud Nodes in each of the VPCs, right-click the node, select Networking and then Change Security Groups.

  • Apply the security group to the instance so that it can communicate with the other nodes in the cluster:


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.