On June 1st 2022 Parallels released Remote Application Server 19 Public Preview! This version comes with a lot of new exciting features! In a previous article I focused on the MSIX app attach support. In this article I want to address the support for Let’s Encrypt!
Let’s Encrypt is a free, automated, and open certificate authority by the nonprofit Internet Security Research Group (ISRG). Their mission is creating a more secure and privacy-respecting web for eveyone by promoting adoption of HTTPS. They do not charge any fees for their certificates that are valid for 90 days. The certificate management automation provided by Parallels RAS allows to issue, automatic renew, manual renew and revoke certificates.
There are two basic requirements that are needed to get started.
- You need a publicly accessible domain that resolves to the Secure Gateway directly or through third-party load balancers.
- On the the Secure Gateway, port 80 must be opened for incoming Let’s Encrypt requests
First, to make sure that only Let’s Encrypt is able to access port 80 on your Secure Gateway, configure the network properties of the Secure Gateway as shown below.
Next, go to farm, certificates, and select ‘Let’s Encrypt settings’.
Select the ‘I have read and accept Let’s Encrypt EULA’ option, provide an expiration email address, and optionally change how many days before expiration you want to automaticially renew.
Now select the + sign and choose ‘Issue Let’s Encrypt certificate’.
Now provide the required information to issue the certificate. Once you have done that the certificate will appear in the list and will show a status of ‘Issuing’ first.
Once this is completed, this only takes a few minutes, you are ready to go!
To confirm, connect to the web portal and as you can see below, the certificate is in use, valid and publicially trusted!
And the session information of the Parallels RAS 19 client also shows the certificate.
Both manually renewing and revoking is also possible from within the Parallels RAS console. To renew or revoke, simple right click the certificate, select control, and perform the desired action.
Parallels did a great job in making the issuing, renewing, and revoking of certificates via Let’s Encrypt super easy! Overall, Parallels really excels in continuously bringing improvements to RAS based on community as well as customer feedback. I’ve been part of the Parallels VIPP group since 2017 and can tell you the Let’s Encrypt support is only one of many, many examples where Parallels truly listens to feedback, updates their backlog accordingly and makes it happen!
For more information on Let’s Encrypt visit letsencrypt.org
Give it a try! Log in to your existing Parallels My Account, download and install the Parallels RAS 19 Technical Preview to get started. If you do not already have an account, please visit my.parallels.com/register
No comments:
Post a Comment