How to Install your SSL Certificate on Thinfinity Remote Desktop

How to manage your SSL Certificates on Thinfinity Remote Desktop Server

How to manage your SSL Certificates on Thinfinity Remote Desktop Server

An SSL certificate is an effective way to secure a website against unauthorized interception of data. At its simplest, an SSL Certificate is used to identify the website and encrypt all data flowing to and from the Certificate holder’s Website.
Thinfinity Remote Desktop Server includes a valid SSL certificate and all communications will be encrypted by the product’s default certificate.
Would you like to use your own certificate? Need to add special configurations to the default SSL settings? Then you just need to follow this tutorial.

How to install a secure SSL certificate
for Thinfinity Remote Desktop Server

To manage your SSL certificates you must open Thinfinity Remote Desktop Server Gateway Manager, and click the little certificate icon:
How to manage your SSL Certificates on Thinfinity Remote Desktop Server
You can either use our certificate or configure your own.
If you want to use our default certificate you should have the files set as the image below:

To create a self signed certificate just click on ‘Create a self-signed certificate’. This will bring up the form below:
Create self-signed certificate and private key for Thinfinity Remote Desktop Server

Country Code: The two letter country code of the International Organization for Standardization (ISO 3166)

State: Full unabbreviated name of the state or province your organization is located.
Locality: Full unabbreviated name of the city where your organization is located.
Organization: The name your company is legally registered under.
Organizational Unit: Use this field to differentiate between divisions within an organization.
Common Name :The domain name or URL you plan to use this certificate with.
E-Mail Address: Company email address.
Bits: We recommend using a 2048 length key.
IMPORTANT: Keep in mind that this certificate has not been issued by a known Certificate Authority (CA), hence, the web browsers will warn you they can not verify its authority.

Request and install a CA Certificate for your Server

To aquire a valid certificate from a Certificate Authority (such as GoDaddy, VeriSign, Thawte, GeoTrust, etc.), you will need to create a certificate request from the ‘Create a Certificate Request’ button.
The page will ask you to fill a form similar to the one above, but instead of creating a self signed certificate file it will create 2 files:

Private key: You should always keep this safe with you.
Request key: This has to be sent to the Certificate Authority (CA).

The CA will send you back the certificate file and the certificate chain file (or CA File). With these files and the private key you are ready to configure your Server certificate.
Bear in mind Thinfinity Remote Desktop Server only supports PEM format certificates. PEM certificates usually have extensions such as .pem, .crt, .cer, and .key. They are Base64 encoded ASCII files and contain “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–” statements.
If your certificate has a different format you can use OpenSSL to convert this, below are some useful commands to do so:
Convert DER to PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem
Convert P7B to PEM
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
Convert PFX to PEM
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

Have any questions?

Book a call today to learn more about how Thinfinity® can help your organization. We are always available to guide you and provide the best solution based on your specific needs.

6 Comments

Bryan
Reply
January 9, 2019 at 9:46 pm

This process worked great in v3.x but the same certificates fail when attempting to use them under v4.x. Has the process and/or requirements changed?

Mahendra
Reply
October 3, 2018 at 11:19 am

Awesome. Thanks!

Jitendra Raulo
Reply
July 18, 2018 at 5:04 am

Awesome. Will try it!

Prashanth Ramanujam
Reply
July 11, 2018 at 4:14 am

I’m trying to generate a certificate using the key. The requirement is to browse to http://www.mydomain.com/.well-known/acme-challenge/WPr7uY_nCVMHAuDxQqgWS_r1bZQLmWtOJx45nsbeAAB
I created a certificate.pem file & copied the generated certificate into this. This does not seem to work, what am I missing here?

Add Comment

Thinfinity_logo

Get a Demo

Experience how Universal ZTNA with Thinfinity® integrates with VDI and DaaS for unmatched security and flexibility.

Blogs you might be interested in

<span>Digital Workspaces</span>, <span>IT Admin</span>, <span>RDC</span>, <span>RDP</span>, <span>Remote Desktop</span>, <span>Thinfinity Workspace</span>, <span>User Experience</span>