If you SSL ConnectPro you use the address of HTTPS://localhost :4428 to connect to the GUI.. to use the SSL in termproxy you will need to install the SSL client package on both the device and the PC from which you are deploying from..
For the client configuration do one of the following:
- Have the certs created for you
- Use OpenSSL to create the certs
- openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out csr.pem
openssl req -x509 -days 365 -key key.pem -in csr.pem -out certificate.pem
** when it asks for the FQDN use the FQDN of the ConnectPro server..
From here you can use the certificate.pem and import that into TE
Next you will want to take the certificate.pem and key.pem and rename them to following ConnectPro Friendly name
- certificate.pem = servercert.pem
- key.pem = serverkey.pem
Place those in the connectPro install directory and RESTART the service for ConnectPro..
3. Use the TE cert manager
To use SSL in the client you MUST use the SSL configuration with in the TermProxy Tab.. NOT the host profile tab
If you are going to verify the certificates, make sure to check that option and then use the Select verification certificates
This bring up the cert manager.. from here you can choose import, remove or create.. if you created the cert with a third party application, use the import feature.. if you want to create the certificate here, choose create certificates.
For this demo I am going to create my certificate.
The only field that is required is the server address.. This is the address of ConnectPro, FQDN.. Fill out the rest if you wish. Once done click OK
You will then go through a series of prompts asking to create and save certs for termproxy and velocityCE.. says yes to create the certs.. once you are done here go to: C:\Program Files (x86)\Wavelink\SSL\Certificates, grab your newly created certs and place them in the Termproxy install directoy.
RESTART the termproxy server service.
All you have to do now is connect.. you will see the conenction is secured by the SSL/TLS notification at the bottom of the client
***** Be advised however that the server communications from ConnectPro to the host server are NOT encrypted unless you set up SSH