7. Certificates 
A Digital certificate contains name, serial number, expiration date and the certificate holder's public key along with the digital signature of the certificate issuing authority.
By default, the OpenScape Mobile Pro devices communicate to the Mitel OpenScape Façade
server and
Mitel OpenScape Session Border Controller (SBC).
The OpenScape Mobile Pro Application uses the following certificates:
-
Root CA Certificate - A digital certificate that issues the Client and Server certificates. The Root CA Certificate is installed on your device, as well as the server.
-
Server Certificate - A digital certificate that identifies the Server to your device. The Server certificate is not installed on the device, but on the Servers.
-
Client Certificate - A digital certificate that identifies your device as legitimate device to the Server. The Client certificate is installed on the device.
INFO:
The certificates are issued by the Certification Authority (CA). A root certificate
is the top-most certificate and all certificates below the root certificate inherit
the trustworthiness of this root certificate.
With the help from system administrator, the following certificates have to be obtained
and installed:
-
Root CA CertificateStored in the device's trusted credential storage
-
Client CertificateStored in the applications keychain.
The subsequent sections explain in details:
-
Deployment and installation of Root CA Certificates on the user’s device.
-
Client certificate import and storage in the OpenScape Mobile Pro application keychain.
-
Retrieval of the Client certificate from the device’s keychain, during the secure authentication and connection establishment.
-
Acceptance and validation of Server certificate during authentication process (i.e. between OpenScape Mobile Pro/Mobile Façade Server, and OpenScape Mobile Pro/Session Border Controller).
-
Enabling/Disabling Server certificate validation on the OpenScape Mobile Pro device.