Goal

To set up SSL security, which uses both server and client certificates to connect to a host from a Terminal Viewer session through MCS.

Setting up SSL security to connect to a host through MCS does not affect user authentication to the myAccess Links page. For information about authentication for the myAccess Links page, see Authenticating Presentation Users.

Method

To use the SSL capabilities of MCS, you must include a server site certificate issued by a certificate authority (CA). If you don't already have a server site certificate, you must obtain and install one.

To provide additional security, you can implement client certificate authentication, which specifies that a personal certificate is required for all computers accessing the MCS console or connecting to a host through MCS. In addition, a CA certificate for each client certificate is installed on the MCS server.

Client certificates are optional when using SSL through MCS. However, if you use client certificate authentication, users will not have to provide a user name and password when they access MCS or configurations stored on the MCS server. After your certificates are installed, you can configure the viewer session to connect to the host by way of the MCS secure port and authenticate against the client certificate when a user connects.

SSL security through MCS is not implemented for EXTRA! sessions. With hosts that support SSL, however, you can use SSL security to connect directly to a host in an EXTRA! session.

To set up SSL security through MCS, you use these components:

Before You Start

This How-To assumes that you have installed and configured at least one Terminal Viewer session and an MCS server.

Steps

Following are the main steps you need to complete for this How-To:

  1. Get and install a server certificate for your MCS server.

  2. (Optional) Get and install client certificates for computers that will run viewer sessions.

  3. Set the authentication type for your viewer session.

  4. Configure SSL options in the viewer session configuration.

  Attachmate