Assigning an SSL Certificate

You can assign an SSL certificate to the Connector during installation. This will prevent certificate verification errors when connecting to the CAS Manager or CAS Manager as a Service Interface through your browser. It will also prevent the PCoIP client from reporting an insecure connection when establishing a PCoIP session.

The certificate you provide must be signed and validated by a root certificate that the client trusts. The certificate must be combined or bundled with the intermediate certificates in PEM format and copied, along with the key, to the Connector server prior to installation.

For an example of how to create a self-signed certificate, see Creating a self-signed certificate on a Windows 2016 Active Directory Server. For an example of a method to install a certificate on your Active Directory, see Installing a certificate on your Active Directory server to enable LDAPS.

The DNS needs to be setup so that 'casm.test.com' for example, is registered to the public IP address of the application gateway.

When the Connector is installed, you will be prompted for the following information:

• The full path and filename of the SSL key
• The full path and filename of the SSL certificate

If you do not wish to specify a certificate when installing the Connector, you can bypass this by entering the command line option --self-signed (which is recommended strictly for testing purposes). If you decide to use a certificate later, Teradici recommends creating a new Connector and deleting the old one. For information on updating SSL certificates, see Updating the Cloud Access Connector.