Understanding Certificate Validation
Cloud Link communication is protected by mutually authenticated HTTPs sessions. SOTI MobiControl provides a Client Certificate for authenticating to the Cloud Link agent, which can be validated by the Cloud Link agent or a reverse proxy. Given the flexible deployment options for Cloud Link, a Server Certificate for the Cloud Link agent is not provided and must be purchased or issued by your corporate infrastructure.
-
Purchase or issue a Server Certificate for the Cloud Link agent with a Common Name matching the FQDN with which SOTI MobiControl Cloud will communicate.
-
Decide whether to issue your own Client Certificate or use the one provided by SOTI MobiControl Cloud.
-
Ensure you have the Root Certificate on hand for any Certificate Authority you use to issue certificates.
-
Request an Intermediate Certificate from SOTI MobiControl technical support to complete the certificate trust chain between the Cloud Link Agent and the SOTI MobiControl Cloud server.
-
Include both the SOTI MobiControl Root certificate and the Intermediate certificate on the SOTI MobiControl Cloud Link Agent Server.