Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-9101: Multiple IWA Certs on single host

Centrify Privilege Service ,  

11 September,17 at 07:57 PM

Question:

What are the possible issues with having multiple IWA Certs on multiple tenants?
Can only one cert be installed on a connector for each tenant even though the connector is only registered with one tenant?

Answer:

IWA uses a cert that it installs on a connector machine. Multiple IWA certs should not be added, because we only support one connector per machine and the IWA cert is per connector. When the cloud attempts IWA, it uses the connector's FQDN. That connector, that hosts the FQDN, creates an HTTPs binding with one cert. This SSL cert is determined by the cloud. The IWA host is uploaded to the cloud UI from AP or an auto generator per connector. This cert then gets sent to the connector on start up.

There can be multiple certs on the machine, but the connector will only use one because it creates a host endpoint that binds to the SSL cert sent by cloud.











 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.