Systems can be grouped together to function as a cohesive unit. As an example, a group can be comprised of a group of linked computers that are programmed to work together. Many such groups are deployed to improve performance and availability over that of a single system. Before joining such a group, the identity of an individual system needs to be authenticated such that the system is permitted to join the group, and there are a variety of different certificate-based authentication systems that provide such services.
Many traditional certificate-based authentication systems are configured with a digital certificate for all the members with which the system has to communicate securely. Even though this type of authentication can be used for an extended period of time for many communication sessions, such traditional certificate-based authentication systems can be difficult to scale. For example, in order to construct a cluster of systems in which any member of the cluster may securely communicate with each other, each pair of systems within the cluster must be separately and manually configured for secure communication. However, adding or removing a system from the cluster becomes increasingly tedious as every other system within the cluster must have its configuration manually and separately updated.