Using reverse proxy
Reverse proxy has its certificate, decrypts the incoming communication, and encrypts its again using the target server certificate.
When using ESET Secure Authentication On-Prem behind a reverse proxy server (for example, to make the Authentication Server accessible via public domain address), consider the information below.
•In invitation details:
oUse the IP address of the proxy server instead of the name of the Authentication Server
oUse the certificate hash of the proxy server certificate
•If Authentication Server is installed in Active Directory Integration mode:
oESA components (for example, Windows Login, Remote Desktop Protection, RADIUS) have to be installed in Standalone mode
oIn the invitation, use the IP address of the proxy server instead of the name of the Authentication Server
oCannot log in to the ESA Web Console using domain authentication
If you want to use a proxy server for port forwarding only, you still have to regenerate a server certificate with the new IP_address:port as the alternative name.