The User Certificates page lists the client certificates that are uploaded to the Ivanti Access administrative portal. The Default Client Certificate is created by default. The Default Client Certificate can be used as a reference certificate and cannot be deleted.
Figure 1. default Client certificate
Adding your own user certificate enables you to easily map fields from the certificate into federation responses generated by Ivanti Access in Certificate based Single Sign-on. You can add a sample certificate used by your Ivanti Tunnel VPN profile that is assigned to mobile applications that use cloud services federated with Ivanti Access.
Before you begin
Verify that you have created a certificate of your choice using the default certificate as a reference.
- In Ivanti Access, go to Profile > User Certificates, click Add Certificate to import a User Certificate.
- Enter a Certificate Name.
- Under Upload Certificate, click Choose File and browse to select the appropriate PEM certificate.
Click Add Certificate.
The user certificate is added.
Figure 2. user certificate
You can take the following actions on a certificate:
- : Click to view certificate details.
- : Click to delete the certificate.
You cannot delete a certificate that is configured in a federated pair for single sign-on. In order to remove a certificate, you must first edit and associate the certificate with another certificate (during enabling cert SSO). This disassociates the older certificate. You can then remove the older certificate.
The Client Certificate consists of Certificate Details and Fields available for SSO configuration. The Certificate Details lists the Issuer, Serial No, Validity and Version of the Certificate.
The Fields available for SSO configuration enable you to view and provide friendly names to fields populated in the User Certificate that you uploaded. These friendly names match the MiTra expression for a field used for SSO configuration.
Figure 3. client certificate