Understanding Certificate Validation

Cloud Link communication is protected by mutually authenticated HTTPs sessions. SOTI MobiControl provides a Client Certificate for authenticating to the Cloud Link agent, which can be validated by the Cloud Link agent or a reverse proxy. Given the flexible deployment options for Cloud Link, a Server Certificate for the Cloud Link agent is not provided and must be purchased or issued by your corporate infrastructure.

• Purchase or issue a Server Certificate for the Cloud Link agent with a Common Name matching the FQDN with which SOTI MobiControl Cloud will communicate.

• Decide whether to issue your own Client Certificate or use the one provided by SOTI MobiControl Cloud.

• Ensure you have the Root Certificate on hand for any Certificate Authority you use to issue certificates.

• Request an Intermediate Certificate from SOTI MobiControl technical support to complete the certificate trust chain between the Cloud Link Agent and the SOTI MobiControl Cloud server.

• Include both the SOTI MobiControl Root certificate and the Intermediate certificate on the SOTI MobiControl Cloud Link Agent Server.