Certificate & LDAPS

I have two Vault servers in HA mode. The servers are integrated with AD using LDAP. Now I am supposed to switch to using LDAPS. For that I need client certificate(s). To my understanding, the LDAPS configuration is shared across the servers. Should I therefore have a multi-server (client) certificate that identifies both servers?



You may choose to, but it is not a requirement to use LDAPS.


Therefore yes, you must.

But client certificates are not linked to server names - other than by any local convention you may choose to create for yourself.