Certificate for Security and Connection Servers

Mouhamad · ‎04-08-2013

Hello there,

I have the below setup

1 Security server - myview.domain.com (mapped to public IP when accessing through the internet)

1 Connection server - myview.domain.com (same FQDN mapped to an internal private IP using local DNS)

So users from inside will resolve the internal IP, where if they leave the company they'll resolve the external IP.

Now the question is, if I generate a certificate from the security server:

1- what type of certificate should I buy from Thawte or DigiCert?

2- Can I import the same certifcate on both Connection and security servers?

Regards,

VCP-DCV, VCP-DT, VCAP-DCD, VSP, VTSP

Mouhamad · ‎04-10-2013

Hello guys,

Anyone had a similar setup?

Thanks,

VCP-DCV, VCP-DT, VCAP-DCD, VSP, VTSP

Linjo · ‎04-10-2013

Moderator note: Moved to appropriate area.

// Linjo

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".

schmidtl · ‎04-10-2013

I did exactly what you did, with Webserver Certificates issued by RapidSSL, so yes: it should work that way.

SIMACIT · ‎09-26-2014

I just did it with DigiCert SSL Plus certificate.

Create cert request from ConnServer with certreq.exe

Import certificate from DigiCert with certreq.exe

Restart services

Export certificate with private key

Move the exported cert to the SecServer

On SecServer in Certificates MMC (Local Computer) import the cert to personal store (remember to check "make private key exportable", otherwise the Blast and Security Gateway services will not start)

Restart services

All

Certificate for Security and Connection Servers