Assign a Certificate to a Gateway

After you add a certificate to a Site, you can assign it to a RAS Secure Gateway, HALB, or both depending on the usage type that you specified when you created the certificate (described in the beginning of this chapter). More on the certificate Usage option below.

Certificate Usage

Certificate Usage is an option that you specify when you create a certificate. It specifies whether the certificate should be available for RAS Secure Gateways, HALB, or both. When setting this option, you can choose from the following:

  • Gateway: If selected, makes the certificate available for RAS Secure Gateways.

  • HALB: If selected, makes the certificate available for HALB.

You can select one of the options above or both, in which case the certificate becomes available for both, Secure Gateways and HALB.

When you configure SSL for a RAS Secure Gateway or HALB later, you need to specify an SSL certificate. When you select a certificate, the following options will be available depending on how the Usage option is configured for a particular certificate:

  • <All matching usage>: This is the default option, which is always available. It means that any certificate on which the Usage selection matches the object type (Secure Gateway or HALB) will be used. For example, if you are configuring a Secure Gateway and have a certificate that has Usage set to "Gateway", it will be used. If a certificate has both, Gateway and HALB usage options selected, it can also be used with the given Secure Gateway. This works the same way for HALB when you configure the LB SSL Payload. Please note that if you select this option for a Secure Gateway or HALB, but not a single matching certificate exists, you will see a warning and will have to create a certificate first.

  • Other items in the Certificates drop-down list are individual certificates, which will or will not be present depending on the certificate's Usage settings. For example, if you configure LB SSL Payload for HALB and have a certificate with the Usage option set to "HALB", the certificate will appear in the drop-down list. On the other hand, certificates with Usage set to "Gateway" will not be listed.

As another example, if you need just one certificate, which you would like to use for all of your Secure Gateways, you need to create a certificate and set the Usage option to "Gateways". You can then configure each Secure Gateway to use this specific certificate or you can keep the default <All matching usage> selection, in which case the certificate will be picked up by a Secure Gateway automatically. Same exact scenario also works for HALB.

Secure Gateways

To assign a certificate to a RAS Secure Gateway:

  1. Navigate to Farm > Site > Gateways.

  2. Right-click a Secure Gateway and choose Properties.

  3. Select the SSL/TLS tab.

  4. In the Certificates drop-down list, select the certificate that you created.

  5. Click OK.

Please note that you can also select the <All matching usage> option, which will use any certificate that either has the usage set to Secure Gateway or both Secure Gateway and HALB.

© 2024 Parallels International GmbH. All rights reserved.