Each instance has a unique inter-server certificate that is generated during the setup process. This certificate is not exposed to clients, so there is no need for it to be signed by a trusted issuer. The topology registry, a mirrored portion of the configuration with information about all of the PingDirectory server instances in the environment, has all of the information that each instance needs to trust the inter-server certificates for all of the other instances.

Inter-server certificates can also be used to protect certain secrets that are shared among servers within the topology, such as the keys used to digitally sign log files, backups, or LDIF exports. These shared secrets also include the encryption keys used by reversible password storage schemes.

The inter-server certificate is generated with a very long life span and should never need to be replaced unless you suspect that its private key has been compromised.