To establish a connection with the ICG, every device must authenticate with the ICG. For this purpose, a first-authentication key must be generated. On first contact with the ICG, the device must present this key.

There are various methods of generating first-authentication keys. The most common one is described here; for alternative methods, see All Methods of Generating First-Authentication Keys for Devices.

Creating a New Mass-Deployment Key for Arbitrary Devices

  1. Go to UMS Administration > Global Configuration > Cloud Gateway Options.
  2. Click .


  3. Select Create new mass-deployment key.
  4. Activate or deactivate Generate random mass-deployment key to choose the method of key generation:

    The key is generated by the UMS.

    You can enter a key of your own in the entry field.

  5. Click OK.
    One or more new entries appear in the list.

Distributing the Key via E-Mail or Printed Letter

  1. Go to UMS Administration > Global Configuration > Cloud Gateway Options.
  2. In the list First-authentication key, select the desired password entries and click Icon Kopieren to copy the credentials to the clipboard.
    The data required for connecting a device to the ICG is in the clipboard: host address, ICG server certificate fingerprint, and the password.
    The contents of the clipboard will look similar to the following example:
    --------------------------------------------------------------
    --------------------------------------------------------------
    Host: 222.222.222.222
    Port: 8443

    Root Certificate Fingerprint
    Part 1: 1231231231231231
    Part 2: 2342342342342342
    Part 3: 3453453453453453
    Part 4: 4564564564564564
    --------------------------------------------------------------
    --------------------------------------------------------------
    First-authentication key: 17171717171717171
    --------------------------------------------------------------
    The clipboard contains data for all active ICGs. In the example above, 1 ICG connection is active. If, for instance, 3 ICG were active, the data for those 3 ICG would be included.

  3. To send the credentials via e-mail, paste the data into an encrypted e-mail. To send the credentials in a printed letter, paste the data in your e-mail program or word processor.