Configure Server Authentication using Certificates

To authenticate a host using a certificate, the only configuration necessary on the Reflection client side is to install the CA certificate that is required to authenticate the certificate presented by the server. The requirements for installing the certificate depend on how Reflection is configured and how the certificate was created:

  • If your certificates were acquired from a well-known certification authority (CA), such as VeriSign or Thawte, and you have configured Reflection to support host authentication using the Windows system certificate store, you may not need to install any certificates on your computer. A certificate identifying the issuer as a trusted CA may already be included in the Trusted Root Certification Authorities list on your system.

  • If you have configured Reflection to require authentication using the Reflection store, each client computer must import required CA certificate(s) into the Reflection store.

  • If your enterprise has created its own certification authority, each client computer must import your CA's root certificate. Depending on your configuration, import it into either the Windows or Reflection certificate store.