Universal Messaging 10.11 | Administration Guide | Universal Messaging Enterprise Manager | Cluster Administration | Setting Up Inter-Realm Communication | Note on Public/Private Keys Used for Inter-Realm Handshake
 
Note on Public/Private Keys Used for Inter-Realm Handshake
When a Universal Messaging realm starts for the first time, it automatically generates a public/private key pair for encryption purposes and stores it in the internal keystore server.jks file in the realm's data/RealmSpecific directory. The public keys of other nodes are also added to this file whenever the realms are added to form a cluster.
These auto-generated keys are used for server identification only; basically whenever two realms establish a connection, they will exchange a single signed message as part of the handshake routine, in order to confirm they know each other.
After this initial handshake has taken place, all encrypted communication between realms in a cluster uses separate keys and keystores.