Managing the SSL Certificate
You can access configuration for the SSL certificate by pressing the "Edit" button in the Gateway manager, available when the protocol is set to HTTPS.
An SSL certificate is an effective way to secure a website against unauthorized interception of data. At its simplest, an SSL Certificate is used to identify the website and encrypt all data flowing to and from the Certificate holder's Web site. This makes all exchanges between the site and its visitors 100 percent private.
A valid SSL certificate is included with the Thinfinity® Remote Desktop Server installation and all communications are already encrypted with the product's default certificate. You may want to create your own certificate to identify your company better.
Managing the SSL Certificate:
1. There are two ways of creating your own SSL certificate:
a. Create A self-signed certificate
b. Use A CA Certificate
2. Once you already have your certificate files, go to the Thinfinity® Remote Desktop Server manager "General tab".
3. Click on the "Edit" button when using HTTPS.
4. On this screen, inside the "Certificate" menu, you can select the certificates that are located in your Personal folders in Window's certificate folder.
5. If you need to add your own certificate, you can do so by clicking on the "New" button and then "Import Certificate". Windows Import certificate menu will be displayed. Follow the instructions for adding it to the running system.
The Default Embedded Certificate
The Default Embedded Certificate
Along with the Thinfinity® Remote Desktop Server installation, goes a certificate called "self-signed.pem". You will find it inside the \cert directory, located inside the Thinfinity® Remote Desktop Server application path.
Note: Because this certificate is not issued by a known Certificate Authority (CA), the web browsers will produce a warning about verifying its authority.
A Self-Signed Certificate
This option is used to create your own self-sign certificate.
1. Go to the Thinfinity® Remote Desktop Server manager 'Genera'' tab. Click on 'Edit' on an HTTPs connection.
2. Click on "New" and , press the 'Create a self-signed certificate' button.
3. Fill in the form below with your organization data:
OPTION
DESCRIPTION
Country Code
The two letter country code of the International Organization for Standardization (ISO 3166)
State
Full unabbreviated name of the state or province your organization is located.
Locality
Full unabbreviated name of the city where your organization is located.
Organization
The name your company is legally registered under.
Organizational Unit
Use this field to differentiate between divisions within an organization.
Common Name
The domain name or URL you plan to use this certificate with.
E-Mail Address
Company e-mail address.
Bits
We recommend using a 2048 length key.
4. The "Common Name" field should be filled with the server+domain that will be used to access Thinfinity® Remote Desktop Server (rdp.mycompany.com).
5. Press Create.
6. Select the location where you want the certificate to be stored.
7. The application will start using this self-signed certificate just created by you.
Note: Once this certificate is not issued by a known Certificate Authority (CA), the web browsers will warn you they can not verify its authority.
A CA Certificate
In order to use this option you will have to get a certificate from a known Certificate Authority (CA). Some CA examples are GoDaddy, VeriSign, Thawte, GeoTrust and Network Solutions.
The CA will ask you for a "certificate request". Create one following the next steps:
1. Go to the Thinfinity® Remote Desktop Server manager 'Genera'' tab. Click on 'Edit' on an HTTPs connection.
2. Click on "New" and , press the 'Create a self-signed certificate' button.
3. Fill in the form below with your organization data:
OPTION
DESCRIPTION
Country Code
The two letter country code of the International Organization for Standardization (ISO 3166)
State
Full unabbreviated name of the state or province your organization is located.
Locality
Full unabbreviated name of the city where your organization is located.
Organization
The name your company is legally registered under.
Organizational Unit
Use this field to differentiate between divisions within an organization.
Common Name
The domain name or URL you plan to use this certificate with.
E-Mail Address
Company e-mail address.
Bits
We recommend using a 2048 length key.
4. The 'Common Name' field should be filled with the server+domain that will be used to access Thinfinity® Remote Desktop Server (rdp.mycompany.com)
5. Press 'Create' and the application will generate two files.
6. The first window will ask you a location to keep the private key file: 'Where do you want the private key file to be stored'.
a. Inform a name for your private key.
b. Select a place to keep it safe.
c. Press the 'Save' button.
7. The second window will ask you a location to keep the request file: 'Where do you want the request file to be stored.'
a. Inform a name for the request file.
b. Select a directory where you can find the file later on to send to the CA.
c. Press the 'Save' button.
8. The first file is the certificate private key. It should always be kept safe with you.
9. Send only the request file to the CA.
After the CA validation process, place the certificate they sent to you on Thinfinity® Remote Desktop Server cert directory and inform the path to the files on Thinfinity® Remote Desktop Server Manage Certificate option (Certificate file, CA file and Private Key).