Wildcard certificate problem

Discussion in 'Parallels Remote Application Server' started by doneliko, Mar 10, 2014.

  1. doneliko

    doneliko Bit poster

    Messages:
    1
    I use 2x trial v11 (1848)

    I have alert during opening 2XHTML5Gateway web page:
    This certificate cannot be verified up to a trusted certification authority

    Cert looks like ok, there is only problem with verification regarding issuer.

    To configure i made some changes on my server:
    - added key file to private key file option i SSL / TLS config of Secure Client Gateway Properties (2x)
    - added my wildcard file to certificate file option i SSL / TLS config of Secure Client Gateway Properties (2x)
    - i have also imported all needed CA to Trusted Root CA and Intermediate CA/ Certificates on Local Computer
    - added to c$\Program Files (x86)\2X\ApplicationServer\trusted.pem text file all needed information regarding CA

    What else should i do to make it work ?

    daniel
     
    doneliko, Mar 10, 2014
    #1
  2. andrews8

    andrews8 Hunter

    Messages:
    166
    Re: Wilcard certificate problem

    Hi thanks for your interest in 2X products.

    You should be able to implement any genuine certificate into 2X ApplicationServer, and when the 2X Client connects the secure connection would be applied accordingly. If however you have security level set on the terminal server and a certificate applied, 2X ApplicationServer doesn't have any control over this certificate and the issue would be caused by the Terminal Server itself.
     
    andrews8, Mar 14, 2014
    #2
  3. ricdgr

    ricdgr Member

    Messages:
    49
    Actually that is not true.

    2X Clients, unfortunatelly, only supports certificates directly signed by a CA that it trusts. It does not allow you to import Intermediate CA, and as so, it does not support certificates signed by Intermediate CAs (ex.: StartSSL certificates).
    So, if your wildcard is signed by an Intermediate CA that is not directly trusted by 2X Client, it will not work. Even if the CA that signed the intermediate is trusted.

    Regards.
     
    ricdgr, Mar 19, 2014
    #3
  4. jpc

    jpc Pro

    Messages:
    435
    @doneliko: From your description, it seems that you are getting the certificate issue when launching the web page (not during a connection). At that point, it's the browser that is giving you the warning not the 2XHTML5Gateway itself. If this is the case, then you should check your browser settings or ensure that the browser will accept your certificate in its default configuration.
     
    jpc, Mar 26, 2014
    #4

Share This Page