SSL Use best practices question

I have a finding I need to mitigate.  I have an SSL certificate for a web site.  The finding I have is for not using SSL with terminal services.  I could set up a terminal services gateway server, but that requires a SSL certificate.  Is it an acceptable security practice to use the same certificate for the web site on the TS gateway server?

Thanks,

Matt
awakeningsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

awakeningsAuthor Commented:
I made it 500 points.  I'd like a why or why not and what the risks are.  The risks to me seem minimal, but this is my first time dealing with this particular question.
0
awakeningsAuthor Commented:
Anyone?
0
giltjrCommented:
Is the web server and the TS server the same box and same OS?

Is this a self-signed certificate?  Or a certificate issues by a well know CA?

If you have two separate boxes and the certificate is issued by a well know CA (such as VeriSign) you have to check their policy, but typically each server needs its own certificates.
0
Redefining Cyber Security w/ AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Join our webinar on Sept. 21st to learn more about leveraging AI and machine learning to protect your business.

awakeningsAuthor Commented:
The TS server would be on a different server in a different DMZ.  The certificate is from a well known CA.
0
giltjrCommented:
You need to check their policies.  All the ones I have dealt with would require a separate certificate in that situation.

However, if I were the one in charge, I would look at using a self signed certificate for the TS server.  I would assume that only employees would be accessing it, and you can always give them the public cert and give them procedures on how to install on their home computers.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
awakeningsAuthor Commented:
Thanks...  That was my guess, but I wanted another opinion.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.