I have been asked about encryption using HTML (SSL certificates) or securing sessions from remote locations teleworkers using ncomputing thin clients.
I need to enable SSL for our environment.
We have in our environment 2 VERDE components: 1 CM only and 1 VDI node only.
We want to secure Management Console access and provide secure HTML access UC5 to virtual desktops.
How de enable SSL in VERDE? Do we need to enable it in each CM and VDI node? (there are some tutorials to enable Tomcat SSL servers… but those are a little complex and I don’t know if I will create a mess in VERDE trying to figure out how to enable it)
Do you have a guide for SSL security activation in VERDE and best practices to do that, for instance using Let’s Encrypt’s certificates?
SSL is enabled in VERDE by default. In fact, disabling SSL is very difficult and requires changes to Apache/Tomcat configuration.
Note that to access the VERDE Management Console you must use: https://<ip address>:8443/mc - the protocol is https implying SSL encryption is being used.
What may be a little confusing is that, by default, VERDE comes with a self-signed SSL certificate. That is why you will see the browser warning when you attempt to connect to the Management Console:
The browser shows this warning because the communication is using SSL but the certificate is not from an authorized provider such as GoDaddy, Digicert, AWS, etc.
Remember - even though the certificate is not from an authorized provider the data is still encrypted and secure.
To avoid this warning message - which admittedly can be concerning to users - you must obtain a valid SSL certificate from an authorized provider.
Important note: SSL certificates must be associated with a domain name. e.g., simplevdi.cl
Certificates can be defined as wildcard - so *.simplevdi.cl will work. Or, associated to a specific subdomain - e.g., verde.simplevdi.cl
An SSL certificate can NOT be associated to an IP address. You must have a domain name.