The SMA appliance uses SSL certificates to secure information that the client computer sends to the server, and
to validate the appliance’s identity to connecting users; see the below image. It requires at least two SSL
The Secure Mobile Access services use a certificate to secure user traffic from a Web browser to WorkPlace, and from the Connect clients to the appliance. (If you want to provide several WorkPlace sites, you can use a wildcard certificate for multiple sites, or associate a different certificate with each one. In either case, the sites can have different host and domain names; for more information, see Adding WorkPlace Sites.)
AMC uses a separate certificate to secure management traffic. This is usually a self-signed certificate.
Subject Alternative Name (SAN) certificates are supported for Workplace, Workplace sites, and Connect Tunnel.
These certificates are used to securely encrypt communication channels between a set of clients and multiple
distinct SSL or TLS services.
SAN certificates simplify the IP address/hostname/certificate sets needed for a typical deployment. With a
single SAN certificate, you can utilize one IP address with multiple distinct SSL or TLS protected web or
client/server services, without the need for configuring additional IP addresses. Additionally, SANs can be used
for different host names on the same IP address, alleviating the need for a one-to-one mapping of SSL certificate
Common Names to FQDN.
Only IPv4 addresses are supported in SAN certificates and Certificate Signing Requests (CSR).
The Administrator can generate, import, process, and otherwise use a SAN certificate for Workplace,
ActiveSync, Custom FQDN URL Mapping, or Tunnel-based access services.
CA certificates are also used for securing connections to back-end servers and authentication using client
certificates. See Importing CA Certificates for more details.
Was This Article Helpful?
Help us to improve our support portal