Managing Certificates

You can add, edit, or remove certificates and certificate bindings for SOTI MobiControl from the Certificates section of the SOTI MobiControl Administration Utility.

Note: Certificates generated in the SOTI MobiControl Administration Utility are pushed down to devices according to the device's update schedule.

The table below provides summaries of the main certificates present in the SOTI MobiControl Administration Utility.

Certificate Description
Deployment Server Identifies and encrypts deployment server communications.
Deployment Server Extensions and Web Console Identifies and encrypts communications with the deployment server extensions and the console.
iOS SCEP Certificate Signs client certificates delivered via SCEP to Apple devices. These client certificates are used to provide authentication for the device to SOTI MobiControl.
iOS Profile Signing Signs profile configurations for iOS devices so the device will trust them.
SOTI MobiControl Client Certificate Root CA Signs the client certificates for other (non-Apple) platforms. These client certificates are used to provide authentication for the device to SOTI MobiControl.
SOTI MobiControl IdP Certificate Identifies SOTI MobiControl to an Identify Provider (IdP). The private key is used to sign requests that are sent to the IdP, and the public key is given to the IdP as part of the SAML configuration process so that the IdP can trust the requests from SOTI MobiControl.
SOTI MobiControl IdP Client Certificate Signs and validates Java web tokens that SOTI MobiControl uses for internal identity management.
SOTI MobiControl Search Certificate Authenticates the SOTI MobiControl search server to SOTI MobiControl.
Cloud Link Certificate Authenticates a SOTI MobiControl Cloud Link agent to SOTI MobiControl.