Hi Guys, anyone knows where does IGEL OSdevice stores ICG certificate? not the root certificate which /wfs/icgcert.crt
That’s the only certificate that is stored on the OS
so we only store root certificate in device?
It’s a combination of root and intermediate
But yes, there are no endpoint certs stored on the endpoint
As is standard for PKI systems
so it should not matter whatever the endpoint certificate common name is ….right?
The name matters in the cert, it has to match your UMS / ICG servers, but the cert is not stored on the endpoint
as long as it’s using same root and intermediate cert …devices will connect
It’s handed to IGEL during the connection, and it validates it against the local root / intermediate certs
ok, but how does it checking for endpoint certificate validity?
how it will check if that cert is expired or revoked?
It has to get a valid endpoint certificate from UMS
If it doesn’t, then it doesn’t connect.
Revocation doesn’t come into play
Continue reading and comment on the thread ‘Where does IGEL OSdevice stores ICG certificate?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!