Skip to main content
Skip table of contents

Security Groups

Galera replication uses the following port for communication:

  • 443 - For TLS connections between the CA and the RA/VA.

To create a security group that allows for TLS traffic within the VPCs, follow the steps below.

In this example, the VPC internal address space is in US-East-1 and the address space in US-East-2 is

  • Create a Security Group called "TLS 443 Traffic to US-East" with the following rules:

This will allow any connections outbound to any address and any inbound connection on port 443 from any address on the and subnets. The same rule in the other VPC will also need the same rule configured. These rules may be tightened as required for the organization.

  • To apply these Security Groups to the EJBCA Enterprise Cloud Nodes in each of the VPCs, right-click the node, select Networking and then Change Security Groups.

  • Apply the security group to the instance so that it can communicate with the other nodes in the cluster:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.