Managing Certificates
You can add, edit, or remove certificates and certificate bindings for SOTI MobiControl from the Certificates section of the SOTI MobiControl Administration Utility.
Note: Certificates generated in the SOTI MobiControl Administration Utility are pushed down to devices according to the device's update schedule.
The table below provides summaries of the main certificates present in the SOTI MobiControl Administration Utility.
Certificate | Description |
---|---|
Deployment Server | Identifies and encrypts deployment server communications. |
Deployment Server Extensions and Web Console | Identifies and encrypts communications with the deployment server extensions and the console. |
iOS SCEP Certificate | Signs client certificates delivered via SCEP to Apple devices. These client certificates are used to provide authentication for the device to SOTI MobiControl. |
iOS Profile Signing | Signs profile configurations for iOS devices so the device will trust them. |
SOTI MobiControl Client Certificate Root CA | Signs the client certificates for other (non-Apple) platforms. These client certificates are used to provide authentication for the device to SOTI MobiControl. |
SOTI MobiControl IdP Certificate | Identifies SOTI MobiControl to an Identify Provider (IdP). The private key is used to sign requests that are sent to the IdP, and the public key is given to the IdP as part of the SAML configuration process so that the IdP can trust the requests from SOTI MobiControl. |
SOTI MobiControl IdP Client Certificate | Signs and validates Java web tokens that SOTI MobiControl uses for internal identity management. |
SOTI MobiControl Search Certificate | Authenticates the SOTI MobiControl search server to SOTI MobiControl. |
Cloud Link Certificate | Authenticates a SOTI Cloud Link to SOTI MobiControl. |
Importing Certificates Using the SOTI MobiControlAdministration Utility
You can import certificates using the SOTI MobiControl Administration Utility.
- In the Administration Utility's Certificates page, click the Import button.
- Choose File System as the Source.
- Select root certificates or Deployment Server Extensions/Management Console
certificates. The following file types are supported:
For root certificates: *.p7b, *.cer
For Deployment Server Extensions/Management console: *.pfx; *.p12
- Click Open.
Note: Alternately, you can import certificates using the Microsoft Management Console
first, then the SOTI MobiControl Administration Utility. This
includes the types of certificates that are supported by Microsoft. Perform the
following steps:
- In the Microsoft Management Console, import the certificate into the local computer through the Personal location.
- In the SOTI MobiControl Administration Utility's Certificates page, click the Import button.
- Choose Local Computer Personal Storage as the Source.
- Select your desired certificate from the list and click Apply.