Confuse about UAG certificate

simonsimon1129 · ‎05-27-2020

Hi Good day,
I am quite new with horizon. Would anyone help me with where or how to get a wildcard/CA certificate for UAG ?

Tried searching online but asking for "Premium service for a wildcard".
Link or KB are always appreciated for me to read and learn.

Shreyskar · ‎05-27-2020

Hi simonsimon1129

You can follow below doc for replacing UAG default self signed cert with a CA signed cert. You can use a wildcard cert or single server name cert,both will work.

Configuring TLS/SSL Certificates for Unified Access Gateway Appliances

You can generate the 'certificate signing request' from any windows server 'certificate manager'. Once you have the certificate you can follow below blog on how to apply it on UAG:

https://www.carlstalhood.com/vmware-unified-access-gateway/#admininterface

EMMJunkie · ‎06-11-2020

Shreyskar while those are indeed helpful and I am having a similar question around Wildcard Certificates.

We have used an external CA to procure a Wildcard Certificate for our domain "*.certificate.com" and I have downloaded the Wildcard Certificate and have in my possession, the Certificate file in a .CRT format and I have the Intermediate Certificate file in a .CRT format. My understanding is the .CRT is of a .PEM type but what do I need to do in order to get this uploaded on to the UAG in a .PEM format, do I simply change the extension, do I need openSSL to convert from .CRT to .PEM? Where am I obtaining my Private Key from?

a_p_ · ‎06-11-2020

The private key should have been created on the system, on which you've generated the CSR (Certificate Signing Request).

André

Shreyskar · ‎06-13-2020

When you create CSR, you have the option to 'Mark private key as exportable' under Key options.

All

Confuse about UAG certificate

Workspace ONE Access