SMB SSL-VPN: Can I use multiple certificates for multiple portals on SRA
03/26/2020 1019 10939
DESCRIPTION: SMB SSL-VPN: Can I use multiple certificates for multiple portals on SRA
Using the SRA it is possible to import more than one certificate and then use each of these certificates for different portals.
This helps to prevent the certificate mismatch warning messages when accessing portals.
In order to associate a portal with a particular certificate a portal has to be created with a specific Virtual host domain name in the Virtual host tab that matches the Virtual host certificate as per example below.
Virtual host certificate dropdown menu displays all certificates available/installed on the SRA.
Virtual host IP address will have to be specified for each portal in order to associate the portals with the corresponding certificates.
This scenario requires that a relevant NAT/PAT policy be added on the firewall to translate the destination public IP addresses to the correct Virtual host IP addresses (specified in the portals).