Purpose
IGEL OS comes with a number of trusted root certificates from certain Certificate Authorities (CA) pre-installed. For a complete list of pre-installed root certificates, see CA Certificates Contained in IGEL OS 11.04.100.
Certificates signed with these root certificates can be used for server authentication and encryption in ICA, RDP, Horizon and browser sessions. You can also verify the origin of Java applications.
Nevertheless, the root certificate you need might be missing. This document explains how to load and distribute it.
Requirements
The certificates must be available in the Base64 file format encoded with the file extension .pem, .crt or .cer.
To check the file format, open the certificate with a text editor. It should look like this:
Solution
We advise you to use the following file transfer types for distributing the certificates via the UMS; see also Registering a File on the UMS Server:
Type | To be used for |
Undefined | All-purpose class, you need to set the owner and access permissions manually. |
Web Browser Certificate | Server authentication/encryption of HTTPS websites in browsers |
SSL Certificate | Server authentication/encryption in ICA, RDP or Horizon sessions Authentication via Active Directory (AD) |
Java Certificate | Authentication/encryption for Java applications |
IBM iAccess Certificate | Server authentication/encryption for IBM iAccess sessions |
Common Certificate (all-purpose) | Multiple applications needing a certificate, e.g. if you want to launch an ICA session in a browser, or if you want to secure a Java session on a secure website. |
With these file transfer types, you will not need to reboot after installing.