Website authentication using client-side certificates
You can specify client certificates by configuring key-value pairs in a Web@Work setting in the Admin Portal. Two key-value pairs are needed to use this feature:
•one key-value pair for the imported certificate
•one key-value pair for the URL of the website to which you want to present the certificate in response to a challenge
Support of client-side certificates allows users to access internal websites that require certificate-based authentication. The certificate is pushed from Core to the device and stored in Web@Work memory.
Limitations
•Web@Work supports one certificate per host.
•Client-side certificates are supported for non-tunneled websites only.
Configuring website authentication using client-side certificates
To configure website authentication using client-side certificates:
1. | Sign in to the Core Admin Portal. |
2. | Go to Policies & Configs > Configurations. |
3. | Select the Web@Work setting that applies to the devices of interest. |
4. | Click Edit. |
5. | Under Custom Configurations, click Add. |
6. | Add the following keys and values: |
Key |
Value Description |
IdCertificate_<number> Where <number> is any positive integer. |
The name of the Certificate Enrollment that corresponds to the certificate you want to use. |
IdCertificate_<number>_host Where <number> is the same number you entered for IdCertificate_<number>. |
The URL for the website to which the certificate will be presented. Wildcards are permitted. Examples: myhost.mycompany.com, *.mycompany.com/myfolder |
7. | Click Save. |
8. | Apply this Web@Work configuration to labels that identify the devices that should receive this configuration. |