If your installation propagates digital certificate information using an existing RRSF APPC connection, be sure to review RRSF considerations for digital certificates before performing the steps below. Propagated certificate information does not contain private key information and is insufficient to help you complete the steps that follow. These instructions assume that you are not propagating digital certificate information, and the instructions in Using an internal CA to sign a server certificate for each RRSF node do not work if you are currently propagating digital certificate updates. This is because the same distinguished name and label are used for all instances of an RRSF server certificate, which results in collisions caused by propagation. Alternatively, you could devise a naming convention for the certificate labels and distinguished names of each RRSF server certificate and modify the instructions accordingly. If you plan to have such a convention, then propagating all of the server certificates to all of the nodes automatically accomplishes the mapping function recommended for certain trust policies (described in Considerations when using an external CA). If you are propagating digital certificate updates, carefully consider its effect on each of these steps, or the steps that you follow for your environment, before performing them.