Configure a secured port and SSL certificate

In the Secure Gateway Configuration dashboard, select the Security page to modify the port and SSL certificate that will be used by the Secure Gateway.

Note: Before configuring the port, make sure it is not currently in use.

From the SSL Certificate field, select the desired SSL certificate to be used by InTouch Access Anywhere Secure Gateway. It is strongly recommended to use a trusted certificate when the InTouch Access Anywhere Secure Gateway is used in production. Verify whether the selected certificate is trusted.

Configure the desired security options. The Ignore certificate errors while doing SSL handshake with a client option is selected by default.

The options are as follows:

Note: The recommended deployment method is to have none of the above options checked. The most secure method is to leave all security features enabled.

• Ignore certificate errors while doing SSL handshake with a client: this option refers to the certificate verification between any clients connecting to the InTouch Access Anywhere Gateway.

  If this option is checked, you will not be prompted with a certificate error if a connecting client's trusted certificate is not recognized on the Access Anywhere Gateway node

• Ignore certificate errors while doing SSL handshake with host: this option refers to the certificate verification between the Access Anywhere Gateway and the Access Anywhere Server. If the Access Anywhere Server does not have a trusted certificate recognized on the Access Anywhere Gateway node, the connection will be rejected.

  If this option is checked, you will not be prompted with a certificate error if the Access Anywhere Server's certificate is not recognized on the Gateway node.

• Enable Draining Mode: this option will disable new connects being made to the Access Anywhere Server, and old connects will be closed out.