2X Application Server CSR & Installation
2X Application Server CSR and Installation Instructions
2X Application Server CSR Creation
By enabling SSL encryption, your 2X Gateway provides encryption to your terminal servers. You can enable clients to connect using SSL by checking the box to "Enable SSL on Port:", usually using 443 as the default SSL setting. You can find this option under the SSL/TLS tab of the 2X Secure Client Gateway Properties window.
To access the Gateway Properties window, click on the Farm in the Navigation panel of the 2X Application Server and Load Balancer Console and then click on Gateways. Next, click the Gateway you want to edit and click "Properties."
To create a CSR for your 2X Application Server, open the Secure Client Gateway Properties window and go to the SSL/TLS tab, and then choose to "Generate new certificate...". A new window will appear, into which you will enter the following information:
Once you have generated your CSR file you can send it to DigiCert during the order process or upload it to your account if reissuing a certificate.
Installing an SSL Certificate on a 2X Application Server
From the SSL/TLS tab of the 2X Secure Client Gateway Properties window, click the "..." link to browse to the Private Key you created during the CSR creation process, and then again to find the Certificate file that was returned to you from COMODO. If you receive a certificate file that includes an intermediate (all COMODO certificates are issued with one or more intermediates for security purposes), you will want to combine those two files into one .pem file before enabling your certificate.
To create that file, simply open both certificate files in a text editor and copy them into a new file in the following format:
You should be able to enable the certificate by browsing to your new certificate.pem file and selecting it like you selected the private key, and then pressing the OK button at the bottom of the window.
If you get the error unable to get local issuer certificate. <20> you will need to add the intermediate certificates to the trusted.pem file on each of the clients by doing the following: