"Guide to Application Delivery Solutions: Ensuring Optimal Performance and Security"
Application delivery solutions are essential for businesses and organisations. Here is a guide to wade the waters of a broad market.
Would you like to see the site in a different language?
TSPLUS BLOG
Why an SSL Certificate? SSL (Secure Socket Layer) Certificates, known more generally as Public Key Certificates, are part of a protocol that is now commonly referred to as SSL/TLS (Transport Layer Security). They are a set of small files that need to be purchased and installed on your web server to secure your internet server connection and initiate safer sessions with your browser. Their vocation is to protect your company data from hackers and malicious people on the Internet across the world.
SSL (Secure Socket Layer) Certificates, known more generally as Public Key Certificates, are part of a protocol that is now commonly referred to as SSL/TLS (Transport Layer Security). They are a set of small files that need to be purchased and installed on your web server to secure your internet server connection and initiate safer sessions with your browser. Their vocation is to protect your company data from hackers and malicious people on the Internet across the world. Read on for how TSplus software helps you get the best out of SSL certificates for Remote Desktop connections.
To do so, the public key certificate (or SSL/TLS certificates) will link a cryptographic key between the name of your domain, server or host, and your organization details. This way, when a communication is initiated between a user and your domain or server, their authenticity can be checked, and a safe tunnel set up for communicating.
The public key certificate enables end-to-end encryption of communications between the user’s navigator (Chrome, Firefox, Internet Explorer…) and the remote web server (IIS, Apache or TSplus). Thanks to this, all your sensitive data (credit card number, passwords, etc.) is encrypted in a way that only the intended target (server) can understand.
Using these certificates, TLS protocol also supplies authentication for your website, which is certified as a secure one to the public. Not only is your website checked, but your server identity is also verified, proving them not to be a fake copy of the real thing, thus proving to your visitors that they are in the right place. Besides, because public key certificates work over HTTPS, they prevent interception of your communication with the server by someone external.
So, a valid public key (SSL) certificate is essential to get and maintain your customers’ trust, assuring them they are taking no risk by sharing their personal information on your website. While HTTP was still prevalent, validation used to be visualized thanks to a green bar displayed by the web browser, so users could directly see that their connection was secure and that they could trust the visited website, but the feature has been discontinued.
Along with the place HTTPS has taken in place of HTTP, more secure communication brought by public key certificates is also important when establishing remote connections and remotely accessing sites and servers.
Among other things, TLS protocol will check the correct allocation of IP addresses and such aspects, as well as using public key certificates (TLS or SSL) to check whether a domain is the one it claims to be. And another thing worth knowing is that the whole certification process is highly resource-consuming, so it may slow down your website’s performance if you have a large quantity of visitors.
For a few years now, browsers have been blocking non-HTTPS pages from displaying, that is those that are not encrypted with a public key certificate. This means that having and installing a valid certificate is no longer a choice but an obligation for all.
The problem is that purchasing such a certificate can be expensive and the process of using it is often only known by dedicated experts. Because some widely known certificate providers are well known, the prices are fixed very high.
Bearing in mind, buying a certificate from a certification authority to equip the server for one specific machine seems set to be potentially tedious and proportionally even more costly.
One alternative for obtaining these public key certificates is that often, at the time of purchase, website hosts provide the associated certificate for the domain along with the website’s domain name. That makes it possible to benefit from an address such as https://my-domain.com.
Nevertheless, the installation of the certificate, its association with the domain name, its propagation over the Internet, remain complex technical tasks which untrained people know poorly if at all. It must be done but not everyone knows how to do it.
That is why TSplus has chosen to offer all its clients and partners an embedded solution, for free . This technology masks the complexity of SSL certificate management. It also eliminates the overall costs and potential problems linked to the need to have access such as https://my-domain.com to reach your web environment.
The automated public key certificate generation feature and the immediate activation of this certificate is a major advantage. It eliminates the implementation hurdles to setting up TSplus Web Access.
According to your needs, you can usually apply for different types of SSL certificates:
• Domain Validation (DV) SSL Certificates:
These certify the website and ensure that the organization has the right to use and administer this domain name.
• Organization Validation (OV) SSL Certificates:
As well as the administrative rights to the domain name, this level of certification gives additional information about the organization behind the domain name.
• Extended Validation (EV) SSL Certificates:
These are created by a Certificate Authority (CA) and the delivery is bound to an EV Audit to check whether the information about the organization is complete and in legal existence. This audit includes checks by a human and is repeated and invoiced every year.
Prices can be as high as $800 according to the type of Certificate, it can take a few days to be delivered by the Certificate Authority, and it requires hours of manipulation to install it properly.
You may well be relieved to know that the TSplus technical team has chosen to provide you with a free and valid SSL Certificate generator. This has been included from TSplus 9.20 release onwards. In 3 clicks, you will be able to get a valid SSL certificate which will be automatically renewed. Most importantly, this public key certificate is installed and configured automatically on the TSplus built-in web server.
It is very easy, quick and it doesn’t require any extra technical knowledge to be implemented correctly. TSplus takes care of the entire process.
This feature works with Let’s Encrypt, an organization which delivers trusted certificates without any human intervention. The process is divided into two steps and relies on the action of a certificate management agent that supports Let’s Encrypt, directly on the server.
1. The agent checks whether the domain has an existence on the server.
2. The agent manages the generation and revocation of the certificates for this domain.
Our Free Certificate Manager first collects your data then uses it to connect with the Let’s Encrypt web services. This way it can check the validity of your domain and then provides you with the valid and personalized certificate.
You will be able to use your Remote Desktop application with HTTPS. The certificates used by TLS mean you can get a completely secured connection with your TSplus server. No more worries of being spied on or losing control of your actions. With TSplus, you have the possibility to make sure all the clients connected to your server automatically use HTTPS.
To benefit from this secure communication on your TSplus system, here are the requirements your set-up needs to meet:
• You must use port 80 for HTTP and port 443 for HTTPS.
• Your server’s domain name must be accessible from the public Internet.
• You must run this program on the Gateway server or a Standalone Server.
• You cannot get a certificate for an IP address.
• If you want to get a certificate for an internal domain name (sub domain of a generic domain), you must create a separate domain.
All that is left for you to do now, is to follow the step-by-step to get your SSL certification into shape.
Now you are all set to get a valid SSL Certificate generated for your domain name! In a few minutes and for free! Download a 15-day trial here. How better to get a taste of what our software can do for your company? Our website has great basic information to start out and our online documentation and FAQs should bridge any gaps Finally, should you need any extra tips on how to get the best out of our software tools, our teams are on hand and happy to help.
Simple, Robust and Affordable Remote Access Solutions for IT professionals.
The Ultimate Toolbox to better Serve your Microsoft RDS Clients.
Get in touch