Hello. We have a discrepency on the order of steps we need to enable FIPS in a HA setup for Netscaler MPX9700. These are running version 11.1.
From the Articles, such as https://docs.citrix.com/en-us/netscaler/12-1/ssl/fips/configure-fips-ha.html
, it reads as though you start with the HSM/FIPS module and then the HA portion of the GUI. We are planning to use a WildCard for the certificate on the FIPS module and the URL's provided to users.
However; from research a co-worker insists that the HA portion through the GUI needs to be setup first, and then do the HSM/FIPS portion.
Any clarification from experience is appreciated.