SMB SSL-VPN: Can I use multiple certificates for multiple portals on SRA

Description

SMB SSL-VPN: Can I use multiple certificates for multiple portals on SRA

Resolution

Using the SRA it is possible to import more than one certificate and then use each of these certificates for different portals.

This helps to prevent the certificate mismatch warning messages when accessing portals.

In order to associate a portal with a particular certificate a portal has to be created with a specific Virtual host domain name in the Virtual host tab that matches the Virtual host certificate as per example below.

Virtual host certificate dropdown menu displays all certificates available/installed on the SRA.

 

Image

 

 

Please note:

Virtual host IP address will have to be specified for each portal in order to associate the portals with the corresponding certificates. 

This scenario requires that a relevant NAT/PAT policy be added on the firewall to translate the destination public IP addresses to the correct Virtual host IP addresses (specified in the portals).

 

Related Articles

  • SMA100 End of Support No-Charge Replacement FAQ
    Read More
  • SMA1000: Post upgrade to 12.5.0 on AWS and Azure, we show the error Could not retrieve the DNS settings once we log in to AMC/CMS console
    Read More
  • Firmware version required to upgrade to version 12.5.0.
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community