Secure Mobile Access 12.4 Administration Guide

Certificates

The SMA appliance uses SSL certificates to secure information that the client computer sends to the server, and to validate the appliance’s identity to connecting users; see the below image:

  • The Secure Mobile Access services use a certificate to secure user traffic from a Web browser to WorkPlace, and from the Connect clients to the appliance. (If you want to provide several WorkPlace sites, you can use a wildcard certificate for multiple sites, or associate a different certificate with each one. In either case, the sites can have different host and domain names; for more information, see Adding WorkPlace Sites.)

  • AMC uses a separate certificate to secure management traffic.

    Certificate usage

Subject Alternative Name (SAN) certificates are supported for Workplace, Workplace sites, and Connect Tunnel. These certificates are used to securely encrypt communication channels between a set of clients and multiple distinct SSL or TLS services.

SAN certificates simplify the IP address/hostname/certificate sets needed for a typical deployment. With a single SAN certificate, you can utilize one IP address with multiple distinct SSL or TLS protected web or client/server services, without the need for configuring additional IP addresses. Additionally, SANs can be used for different host names on the same IP address, alleviating the need for a one-to-one mapping of SSL certificate Common Names to FQDN.

The Administrator can generate, import, process, and otherwise use a SAN certificate for Workplace, ActiveSync, Custom FQDN URL Mapping, or Tunnel-based access services.

CA certificates are also used for securing connections to back-end servers and authentication using client certificates. See Importing CA Certificates for more details.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden