Search

Language:  
Search for:

Available article translations:

Configuring SSL Encryption on a RAS Gateway

APPLIES TO:
  • Parallels Remote Application Server 15.5
  • Parallels Remote Application Server 15.0
  • Parallels Remote Application Server 14.1

Information

The traffic between the users and the RAS Secure Client Gateway is always encrypted. The SSL/TLS tab page allows you to configure data encryption options.

By default, a self-signed certificate is installed during the RAS Secure Client Gateway installation and TLS v1.0, v1.1, or v1.2 is used.

Each RAS Secure Client Gateway has its own certificate, which should be added to Trusted Root Authorities on the client side to avoid security warnings.

If, by any means, you need to generate new certificate, please refer to the following instructions:

How to Generate a Self-Signed Certificate using Parallels Remote Application Server

SSL accepted versions and cipher strength in Parallels Remote Application Server

Parallels Remote Application Server introduced the ability to enforce and use specific versions of SSL, as well as allowing custom configuration of cipher strength. Check this article for further instructions:

SSL accepted versions and cipher strength in Parallels Remote Application Server

Third-Party Trusted Certificate Authority

Should you prefer using Third-Party Trusted Certificate Authority, generate certificate request in RAS Gateway Properties.

Using Enterprise Certificate Authority

Use IIS to receive a certificate from Enterprise CA. The certificate should be exported in the pfx format and then converted into the PEM format using the OpenSSL tool. Please refer to this article to proceed:

Convert from PFX Format to PEM Format for SSL certifcates imported from IIS

NOTE: The trusted.pem file on the Parallels Client side must include the intermediate certificate to be able to verify the cert from the third party vendor.

If the intermediate certificate for the vendor is not in the trusted.pem file, you will have to paste it in manually, or create a trusted.pem template file with the proper Intermediate Certificates and then replace the old trusted.pem file with the newly updated one.

This file resides in Program Files\Parallels or Program Files(x86)\Parallels on the client side.

Additional information

Detailed information can also be found in Paralells Remote Application Server Administrators Guilde (part "Configure SSL Encryption on a Gateway")

Search words:

SSL

certificate

TLS

encryption

PEM

CSR

PFX

Enterprise CA




e9df64665e7346a300c1e6d8fac71c28 1d70d1f9c41d01c5f7202a4290e434e1 17333b9b93206d7dd8962eace050749d cd13b65bcd43d1e2c4cb465404ad4612

FEEDBACK
Was this article helpful?
Tell us how we may improve it.
Yes No