SSL Use best practices question

I have a finding I need to mitigate.  I have an SSL certificate for a web site.  The finding I have is for not using SSL with terminal services.  I could set up a terminal services gateway server, but that requires a SSL certificate.  Is it an acceptable security practice to use the same certificate for the web site on the TS gateway server?

Thanks,

Matt
awakeningsAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
giltjrConnect With a Mentor Commented:
You need to check their policies.  All the ones I have dealt with would require a separate certificate in that situation.

However, if I were the one in charge, I would look at using a self signed certificate for the TS server.  I would assume that only employees would be accessing it, and you can always give them the public cert and give them procedures on how to install on their home computers.
0
 
awakeningsAuthor Commented:
I made it 500 points.  I'd like a why or why not and what the risks are.  The risks to me seem minimal, but this is my first time dealing with this particular question.
0
 
awakeningsAuthor Commented:
Anyone?
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
giltjrCommented:
Is the web server and the TS server the same box and same OS?

Is this a self-signed certificate?  Or a certificate issues by a well know CA?

If you have two separate boxes and the certificate is issued by a well know CA (such as VeriSign) you have to check their policy, but typically each server needs its own certificates.
0
 
awakeningsAuthor Commented:
The TS server would be on a different server in a different DMZ.  The certificate is from a well known CA.
0
 
awakeningsAuthor Commented:
Thanks...  That was my guess, but I wanted another opinion.
0
All Courses

From novice to tech pro — start learning today.