Certificate Validation Process
validates server certificates when authenticating to services. When attempting
to establish secure connections, the services present
validates the presented certificate against what is in the client device's
local certificate store. If the certificate is not in the certificate store,
the certificate is deemed untrusted and
prompts the user to accept or decline the certificate.
If the user
accepts the certificate,
connects to the service and saves the certificate in the certificate store or
keychain of the device . If the user declines the certificate,
does not connect to the service and the certificate is not saved to the
certificate store or keychain of the device.
certificate is in the local certificate store of the device,
trusts the certificate.
connects to the service without prompting the user to accept or decline the
authenticates to two services on the
server. The service names are Cisco Tomcat and Extensible Messaging and
Presence Protocol (XMPP). A certificate signing request (CSR) must be generated
for each service. Some public certificate authorities do not accept more than
one CSR per fully qualified domain name (FQDN). Which means that the CSR for
each service may need to be sent to separate public certificate authorities.
Ensure that you
specify FQDN in the service profile for each service, instead of the IP address