PKI Hub cluster 2 is the passive cluster in the passive datacenter, and hosts a multi-node installation of the Cryptographic Security Platform PKI Hub that replicates PKI Hub cluster 1.

To install the passive PKI Hub cluster 2

1. Provision the same number of nodes as in PKI Hub cluster 1.
2. Configure node network settings such as  IP addresses, hostnames, NTP servers, or DNS servers. 

   The nodes may have different hostnames or IP addresses than those on PKI Hub cluster 1.

3. Deploy a multi-node PKI Hub installation as explained in Starting up PKI Hub. 
4. Run the following commands with same values as in PKI Hub cluster 1.
   • clusterctl volume capacity
   • clusterctl retention config logs
   • clusterctl retention config metrics 
   • clusterctl proxy set
5. If required, issue a TLS certificate using the same certificate authority that issued the TLS certificate for the PKI Hub cluster 1 and run the clusterctl certificate command to set this TLS certificate.
6. Install the Stop services script for Disaster Recovery as described in Installing the stop services script.
7. Perform the steps described in Restoring the active cluster configuration on the passive one to restore PKI Hub cluster 1 configuration on PKI Hub cluster 2. 

   You must repeat this step after any configuration change in the active datacenter.

When completing those steps, PKI Hub cluster 2 becomes the passive warm standby cluster.