Obtaining and Installing Client Certificates

Client certificate authentication can be used with Terminal Viewers. You can set up client (personal) certificates to provide user authentication so that users will not have to provide user names and passwords when they access MCS. You must have set up SSL on the MCS server before you can set up client certificates, although you could use the demonstration certificate for this purpose. The demonstration certificate should be used only for testing; it should not be used in a production environment.

For more information about the demonstration certificate, see the topic SSL Certificates.

When you set up client certificate authentication, a client certificate is installed on each client computer and a CA (certificate authority) certificate for that client certificate is installed on the MCS server.

To obtain and install a client certificate
  1. After setting up SSL on the MCS server, on each client computer, create and submit a certificate request to a certificate authority (CA).

    A separate submission must be made from each client computer.

  2. When you are notified by the CA that the request has been fulfilled, use the browser to install the certificate on the client computer.

    The steps for installing the certificate are different, depending on the browser you use.

  3. To install the the CA certificate for your client certificate on the MCS server or server cluster, in the MCS left pane, point to Services and then click Security.

  4. In the Security tree, click Security Services.

  5. In the right pane of the MCS window, click the Security Services Client Certificates tab.

    The Security Services Client Certificates page appears in the right pane of the MCS window.

  6. Choose Add to display a dialog box from which you can select a CA certificate file name.

  7. Use the Mapping options to map client certificates to user names. The user name looked up in the directory service is the result of applying the specified mapping options to a field in the client certificate. Only the Field option is required.

  8. Choose Save.

Related Topics
Bullet Security Services, Overview
Bullet SSL Certificates, Overview
Bullet Obtaining and Installing a Server Certificate
Bullet Obtaining a Certificate from thawte.com
Bullet Obtaining a Certificate from verisign.com