Assigning a certificate to Gateways and HALBAfter you add a certificate to a Site, you can assign it to a RAS Secure Client Gateway, HALB, or both depending on the usage type that you specified when you created the certificate (described in the beginning of this chapter). More on the certificate Usage option below. Certificate usage Certificate Usage is an option that you specify when you create a certificate. It specifies whether the certificate should be available for RAS Secure Client Gateways, HALB, or both. When setting this option, you can choose from the following:
You can select one of the options above or both, in which case the certificate becomes available for both, Gateways and HALB. For details on how to create a certificate and choose these options, please see Generating a self-signed certificate and Generating a certificate signing request (CSR). When you configure SSL for a RAS Secure Client Gateway or HALB later, you need to specify an SSL certificate. For the information on how to do this, please see SSL/TLS encryption and Configuring HALB in the RAS Console. When you select a certificate, the following options will be available depending on how the Usage option is configured for a particular certificate:
As another example, if you need just one certificate, which you would like to use for all of your Gateways, you need to create a certificate and set the Usage option to "Gateways". You can then configure each Gateway to use this specific certificate or you can keep the default <All matching usage> selection, in which case the certificate will be picked up by a Gateway automatically. Same exact scenario also works for HALB. Gateways To assign a certificate to a RAS Secure Client Gateway:
Please note that you can also select the <All matching usage> option, which will use any certificate that either has the usage set to Gateway or both Gateway and HALB. HALB To assign a certificate to a HALB, navigate to Farm > Site > HALB. Assuming that your HALB is enabled and configured, and the LB SSL Payload option is selected, follow the instructions below:
As with gateways, you can also select the <All matching usage> option, which will use any certificate that has the usage set to HALB or both HALB and Gateway. |
||||
|