Download page Deploying Trusted Root Certificates in IGEL OS.
Deploying Trusted Root Certificates in IGEL OS
IGEL OS comes with a number of trusted root certificates from certain Certificate Authorities (CA) pre-installed. For a complete list of pre-installed root certificates, see Which CA Certificates Are Contained in IGEL OS?
Certificates signed with these root certificates can be used for server authentication and encryption in ICA, RDP, Horizon, and browser sessions. You can also verify the origin of Java applications.
Nevertheless, the root certificate you need might be missing. This document explains how to load and distribute it.
The certificates must be available in the Base64 file format encoded with the file extension
To check the file format, open the certificate with a text editor. It should look like this:
Deploying Certificates via the UMS
We recommend using IGEL Universal Management Suite (UMS) when you need to deploy certificates, especially if you have to do this for multiple endpoint devices.
You can load certificates in the UMS Console via Files > New file: simply select your certificate file under Local file, select the suitable Classification of the certificate, and assign the certificate file to the required devices; see Files - Registering Files on the IGEL UMS Server and Transferring Them to Devices.
We advise you to use the following file transfer types for distributing the certificates via the UMS:
To be used for
All-purpose class, you need to set the owner and access permissions manually.
Web Browser Certificate
Server authentication/encryption of HTTPS websites in browsers
Server authentication/encryption in ICA, RDP, or Horizon sessions
Authentication via Active Directory (AD)
Authentication/encryption for Java applications
IBM iAccess Certificate
Server authentication/encryption for IBM iAccess sessions
Common Certificate (all-purpose)
Multiple applications needing a certificate, e.g. if you want to launch an ICA session in a browser or if you want to secure a Java session on a secure website.
With these file transfer types, you will not need to reboot after installing.
Providing Certificates Manually
If you want to install certificates manually, see Installing Certificates Manually in IGEL OS.