Using Azure Application Gateway - where can I obtain the appropriate certificate on the OpenVidu Pro Node that can be used for HTTP Config?

Hello,

Trying to implement an Azure Application Gateway to allow for additional scaling across multiple OVP Nodes. Trying to understand where I can get the appropriate certificate from the initial OVP Node to allow for associated deployment into the Azure Application Gateway. We are using Letsencrypt at present - for production deployment we will be looking for a full CA deployment, but at present, attempting to resolve this issue to prove we can scale.

Many thanks.

Hi @IanPounder. Well, OV is intended to use nginx and the certificates configured on it. I don’t think you can use a letsencrypt certificate in your Azure Application Gateway. I have never used Azure Application Gateway, but maybe you can configure a wildcard certificate on it (something like loadbalancer.domain.com) and use the same certificate in your OpenVidu instances with subdomains ov1.domain.com, ov2.domain.com. That might do the job. But I have not tested it, so it might not work.

Regards,
Carlos

Thanks for the response Carlos - I’ll take a look :slight_smile:

Another interesting way could be to create an instance with an nginx acting as a reverse proxy with its own certificate:

http {
    upstream openvidu {
        # upstream servers default to port 80 unless a port is given,
        # so the HTTPS port is set explicitly
        server ov1.example.com:443;
        server ov2.example.com:443;
        server ov3.example.com:443;
    }

    server {
        listen       443 ssl;
        ssl_certificate      /home/cert.pem;  # your certificate
        ssl_certificate_key  /home/cert.key;  # the private key of your certificate
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_protocols        TLSv1.1 TLSv1.2 TLSv1.3;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            # forward to the upstream group over TLS
            proxy_pass https://openvidu;
            proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        }
    }
}

Take into account that OpenVidu is not stateless. It saves state about the sessions and other kinds of information.

Again, I did not test it, I’m just giving some ideas :slight_smile:

1 Like
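A variant of the reverse-proxy idea above, as an added example that is not part of the original posts: it limits both legs to TLS 1.2/1.3 and makes nginx verify the backend certificates, which `proxy_pass https://...` does not do by default. The hostnames, file paths, the CA bundle and the assumption that every node presents a certificate valid for the name in `proxy_ssl_name` (for instance one shared wildcard certificate) are all hypothetical.

```nginx
# Added example; hostnames, paths and the CA bundle are assumptions.
events {}

http {
    upstream openvidu {
        # Pins each client address to one node. State is still not
        # shared between the OpenVidu nodes.
        ip_hash;
        server ov1.example.com:443;
        server ov2.example.com:443;
        server ov3.example.com:443;
    }

    server {
        listen      443 ssl;
        server_name loadbalancer.example.com;

        # Client-facing leg: the proxy's own certificate
        ssl_certificate      /etc/nginx/tls/proxy.pem;
        ssl_certificate_key  /etc/nginx/tls/proxy.key;
        ssl_protocols        TLSv1.2 TLSv1.3;
        ssl_ciphers          HIGH:!aNULL:!MD5;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        location / {
            proxy_pass https://openvidu;

            # Backend leg: verification is off unless enabled here
            proxy_ssl_verify              on;
            proxy_ssl_verify_depth        2;
            proxy_ssl_trusted_certificate /etc/nginx/tls/backend-ca.pem;

            # Without proxy_ssl_name the certificate would be checked
            # against the upstream group name "openvidu".
            proxy_ssl_name                ov1.example.com;
            proxy_ssl_server_name         on;   # send that name as SNI
            proxy_ssl_protocols           TLSv1.2 TLSv1.3;
        }
    }
}
```

If each node keeps its own single-name certificate instead, one `proxy_ssl_name` value cannot match all of them and the verification settings have to be applied per backend.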