Assigning an SSL Certificate
You can assign an SSL certificate to the CAS Connector during installation. This will prevent certificate verification errors when connecting to the CAS Manager or CAS Manager as a Service Interface through your browser. It will also prevent the PCoIP client from reporting an insecure connection when establishing a PCoIP session.
The certificate you provide must be signed and validated by a root certificate that the client trusts. The certificate must be combined or bundled with the intermediate certificates in PEM format and copied, along with the key, to the CAS Connector server prior to installation.
For an example of how to create a self-signed certificate, see Creating a self-signed certificate on a Windows 2016 Active Directory Server. For an example of a method to install a certificate on your Active Directory, see Installing a certificate on your Active Directory server to enable LDAPS.
The DNS needs to be setup so that 'casm.test.com' for example, is registered to the public IP address of the application gateway.
When the CAS Connector is installed, you will be prompted for the following information:
- The full path and filename of the SSL key
- The full path and filename of the SSL certificate
If you do not wish to specify a certificate when installing the CAS Connector, you can bypass this by entering the command line option
--self-signed (which is recommended strictly for testing purposes). If you decide to use a certificate later, Teradici recommends creating a new CAS Connector and deleting the old one. For information on updating SSL certificates, see Updating CAS Connector.