How Parallels RAS requests certificates from Let's Encrypt
When you create a new Let’s Encrypt certificate using Parallels RAS, the following process is carried out:
- Parallels RAS Primary Connection Broker that hosts the licensing role makes the initial request to the Let’s Encrypt server to create an account.
- Account creation confirmation is received. Parallels RAS creates a CSR and sends it to the Let’s Encrypt server.
- A list of challenges is received, and Connection Broker reads the HTTP token sent by the Let’s Encrypt server.
- Secure Gateway or HALB retrieves the tokens from the Connection Broker.
- Once ready, Connection Broker notifies the Let’s Encrypt Server.
- Let’s Encrypt starts the verification process by going to the Secure Gateway or HALB and confirming the availability of the token.
- Challenges are completed including confirmation that the Secure Gateways or HALB can reply to the domain mentioned.
- Assuming that the challenge is completed successfully, Parallels RAS requests a certificate.
- Valid certificate is downloaded from the Let’s Encrypt server to Connection Broker.
- Connection Broker distributes the certificate to the Secure Gateways or HALB.