mrstorey303
Enthusiast
Enthusiast

OK thanks, this is what I figured.

In which case, I guess my options are for internal TrueSSO are:

- Enable tunnelling - both thick clients and HTML5 clients are tunnelled regardless.

- Disable tunnelling, but configure the connection servers to return a DNS name rather than IP address, so that direct HTML5 connections do not throw a cert warning.  (Not entirely happy to do this, because it'd introduce a significant dependancy on accurate DNS queries for instant clones / highly ephemeral environments.  I could see an issue where users are brokered out to different machines to what the connection server allocated!)

I should probably throw in a feature request for the UAG product team.  Just as a side, I've always wondered why these cert warnings only throw for brokered, direct HTML5 connections, and not brokered direct connections from the thick client?  Maybe a question for another thread!

Thanks

Reply
0 Kudos