Skip to main content
Skyhigh Security

Step 1: Upload CA Certificates to Secure Web Gateway

To configure Skyhigh Mobile Cloud Security (SMCS), you must first upload the CA (Certificate Authority) certificates to Secure Web Gateway. This allows you to set up and run a VPN gateway within your SMCS solution. Follow these steps to upload CA (Certificate Authority) certificates to Secure Web Gateway:

  1. Log in to Skyhigh SSE, and go to Settings > Infrastructure > Web Gateway Setup.
  2. Click Configure to the right of Skyhigh Mobile Cloud Security.
    SMCS.png
  3. On the MCS Configuration page, you can upload and manage CA certificates and select user groups to assign to each certificate.
    MCS6.png
  4. Click Upload to select and upload a custom CA certificate (supported certificate formats are DER, PEM, CRT, and CER). 
    The certificate's private key is used to sign the mobile device certificates.
  5. Specify the labels of the fields that identify the User name and an optional User Group in the device certificates. For details on field labels, see Device Certificate Field Labels.
  6. (Optional). To upload certificate chains with both Root and Intermediate certificates:
    1. You must upload both the Root and Intermediate CA's to Secure Web Gateway.
    2. Make sure that the p12 certificate to be deployed on your device is signed by both the Root and Intermediate CAs.

NOTE: You can upload multiple CA certificates to Secure Web Gateway.

 

 

  1. Click Upload & Test to test the device certificate authentication with the uploaded CA certificate.
    upload.png
  2. Click Save.

NOTE: Make sure to note or save the VPN Gateway address to configure SMCS in your Mobile Device Management (MDM) solution.

 

After uploading CA certificates to Secure Web Gateway, you can use the IP address of the VPN gateway to configure your MDM solution. For details, see Step 2: Configure MDM.

Device Certificate Field Labels

Field Label Field Label Name Description
CN Common Name Typically used to represent the name associated with a user.
E Email Address Refers to the email address associated with the entity.
ID  Identification Represents an identifier or identification information.
G Given Name Indicates the given or first name of a user.
D Description Describes the entity or provide additional information.
DNQ Distinguished Name Qualifier Part of the Distinguished Name in X.500 directory services.
I Initials Represents the initials of a user.
L Locality Indicates the locality or city associated with a user.
Organization Represents the organization to which a user belongs.
OU Organizational Unit Describes the organizational unit or department within an organization.
S Surname Indicates the surname or last name of an individual.
ST  State or Province Represents the state or province associated with the entity.
T Title Indicates the title or position of an individual.
C Country It represents the country in which the entity or individual associated with the certificate is located or registered.
  • Was this article helpful?