Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
101102103104105106107108109110
Public Key Infrastructure for Onboard
During the device provisioning process, one or more digital certificates are issued to the device. These are used
as the unique credentials for a device. To issue the certificate, Dell Networking W-ClearPass Onboard must
operate as a certificate authority (CA). The following sections explain how the certificate authority works, and
which certificates are used in this process.
Certificate Hierarchy
In a public key infrastructure (PKI) system, certificates are related to each other in a tree-like structure.
Figure 53 Relationship of Certificates in the Onboard Public Key Infrastructure
The root certificate authority (CA) is typically an enterprise certificate authority, with one or more intermediate
CAs used to issue certificates within the enterprise.
Onboard may operate as a root CA directly, or as an intermediate CA. See "Certificate Authorities " on page 115.
For information on setting up certificates when using Onboard in a cluster, see "Certificate Configuration in a
Cluster " on page 102.
The Onboard CA issues certificates for several purposes:
l The Profile Signing Certificate is used to digitally sign configuration profiles that are sent to iOS devices.
n The identity information in the profile signing certificate is displayed during device provisioning.
Dell Networking W-ClearPass Guest 6.6 | User Guide Onboard | 101