In the IGEL Community, a member asked the following question relating to IGEL UMS Certificates. We wanted to share it with all of you, as it's a goodie.
Question:
Can you explain what actually happens when you choose a different file classification when using UMS to upload a certificate to a device? I presume it just gets copied to a different location on the file system. The classifications I’m referring to are:
Undefined
Web Browser Certificate
SSL Certificate
Java Certificate
IBM iAccess Certificate
Common Certificate (All Purpose)
Answer:
It tells the OS where it should actually link the certificate to in the file system and which applications will get access to them.
There are six special types:
Certificate Type | Purpose & Use Case |
Undefined | A general-purpose certificate category where the owner and access permissions must be set manually. Suitable for custom scripts, binaries, or non-SSL files deployed to endpoints. Typically stored in /wfs, but note that storage is limited. |
Web Browser Certificate | Used for server authentication and encryption when accessing HTTPS websites via a web browser. Ensures secure communication between the endpoint and the web server. |
SSL Certificate | Required for secure authentication and encryption in ICA, RDP, and Horizon sessions. Also used for authentication via Active Directory (AD) when connecting to corporate environments. |
Java Certificate | Provides authentication and encryption for Java-based applications that require secure communication. Essential for Java applications handling sensitive data. |
IBM iAccess Certificate | Used for server authentication and encryption in IBM iAccess sessions, ensuring secure connections to IBM i (AS/400) systems. |
Common Certificate (all-purpose) | A versatile certificate used across multiple applications. Ideal for scenarios where one certificate is needed for multiple functions, such as securing an ICA session in a web browser or encrypting a Java session on a secure website. |
If you are unsure what the cert is for, it is safe to use Common Certificate (All Purpose).
This copies the file to /wfs/ca-certs/ and IGEL OS will link those certificates to the correct places in the OS at every boot
Learn more and/or leave a comment or question, read IGEL UMS Certificate File Classification Explained in the IGEL Community on Slack. Not a member? Join Now!
Comments