PGP Universal Server Offline Behavior

Article:TECH148937  |  Created: 2006-05-31  |  Updated: 2012-02-02  |  Article URL
Article Type
Technical Solution


This article describes the offline behavior when a Primary or Secondary PGP Universal Server becomes unavailable?



This document describes the behavior of Primary and Secondary PGP Universal Servers when the server becomes unavailable or disconnected from the network.

When you have two or more PGP Universal Servers operating in your organization, you can configure them to synchronize with each other; this arrangement is called a cluster.

In a cluster, one of the PGP Universal Servers is designated as the Primary server for the cluster; all other cluster members are designated as Secondary servers. The Secondary servers in a cluster synchronize their users, keys, managed domains, and policies with the Primary server. Cached keys found in the mailflow are also replicated across the cluster.

Benefits of clustering include lower overhead (spreading the system load between the PGP Universal Servers in the cluster means greater throughput) and the ability for email services to continue working even if one of the servers in the cluster goes down, including the Primary server.


Primary Server

The following text describes the behavior of a Primary server when the server becomes unavailable.

When a Primary Server in a PGP Universal Server cluster is unavailable or disconnected, the synchronization of users, keys, managed domains, and policies will not occur with other Secondary servers in the cluster. A Secondary cluster server cannot be promoted to a Primary Server.


  • When High Availablity Mode is not enabled, PGP Universal Web Messenger mailboxes on the Primary server are unavailable and messages to those mailboxes are queued by Secondary cluster server members.
  • Creation of new external users are queued until the Primary server becomes available.
  • Even though the Primary server is unavailable, any PGP Universal Web Messenger user mailboxes on Secondary servers will continue to be available.
  • Secondary servers can still process some mail and enforce policy for existing and new internal users and existing external users.
  • Secondary servers cannot create new external users while the Primary server is unavailable.


    • Organization key/certificate cannot be changed.
    • Trusted keys/certificates cannot be add/removed.
    • Policies cannot be changed/added/removed.
    • Managed domains cannot be added/removed.
    • Ignition keys cannot be added/removed.

Secondary Server(s)

The following text describes the behavior of a Secondary server when the server becomes unavailable.

When a Secondary cluster member becomes unavailable and disconnected from the Primary, it will not receive synchronized data. If the Secondary is disconnected for more than 24 hours, when it reconnects to the Primary it will execute a resynchronization.

Resynchronizing data may take several hours, particularly if PGP Universal Web Messenger is in High Availability Mode. All services on the Secondary are stopped while resynchronization occurs.


  • Primary and other Secondary servers in the cluster continue to process mail and enforce policy for all internal and external users.
  • When using Home Server mode on a Secondary server, Web Messenger mailboxes will be unavailable. Messages to those mailboxes are queued by other cluster members.
Note: High Availability Mode replicates new PGP Universal Web Messenger user accounts on all clustered universal servers running the service. All external user account information exists on all members of the cluster. If a cluster member is not functioning, PGP Universal Web Messenger users will still be able to use the service.

Home Server Mode assigns a home PGP Server for each new PGP Universal Web Messenger user account. All account information for an external user exists on a single cluster member


Legacy ID


Article URL

Terms of use for this information are found in Legal Notices