NetIQ Certificate Server can be used to create certificates that allow you to specify an alternative IP address or DNS address by adding it in the Subject Alternative Name extension. This requires that your DNS service be configured to reflect the cluster IP/DNS address as the default (or first) address. If the DNS service is set up correctly, the cluster applications can use the default certificates without needing any administration.
Ensure that the DNS service is configured to use the cluster IP/DNS address. During the OES install, select the Use eDirectory Certificates option so that NetIQ Certificate Server automatically creates the SSL Certificate DNS certificate with the correct IP/DNS address. By selecting the Use eDirectory Certificates option during the installation and using the cluster IP/DNS address, clustered applications should be able to access the certificates without needing further configuration for the Server Certificate object.