Secure Mobile Access 12.4 Administration Guide

Does Secure Mobile Access support SAN Certificates?

Subject Alternative Name (SAN) certificates are supported for Workplace, Workplace sites, and Connect Tunnel. Certificates (also called UCC--Unified Communications Certificate) are used to securely encrypt communication channels between a set of clients and multiple distinct SSL or TLS services.

SAN certificates simplify the IP address/hostname/certificate sets needed for a typical deployment. With a single SAN certificate, you can utilize one IP address with multiple distinct SSL or TLS protected web or client/server services, without the need for configuring additional IP addresses. Additionally, SANs can be used for different host names on the same IP address, alleviating the need for a one-to-one mapping of SSL certificate Common Names to FQDN.

Only IPv4 addresses are supported in SAN certificates and Certificate Signing Requests (CSR).

Improvements include:

  • SANs-related features can be generated via the AMC instead of through mechanisms external to the appliance:

    • CSR with SANs

    • Self-signed certificates with SAN entries

  • WorkPlace sites, custom FQDN URL resources, and ActiveSync resources can be created using existing SAN certificates.

  • Global load balancing uses original web requests to direct traffic to a load balancer instead of the default WorkPlace site.

  • Connect Tunnel seamlessly handles connections to Workplace sites that use a combination of IP address, FQDN, or SSL certificate, regardless of the number of IP addresses associated with a WorkPlace site.

The Administrator can generate, import, process, and otherwise use a SAN certificate for Workplace, ActiveSync, Custom FQDN URL Mapping, or Tunnel based access services.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.