Contents Index The role of digital certificates Server authentication

MobiLink Synchronization User's Guide
  Transport-Layer Security
    About transport-layer security

Using chains of certificates


A certificate may be signed by other certificates, or it may be self-signed, which means it is signed only with its own private key. A sequence of public certificates, each signed by the next, is called a certificate chain. At one end of a typical chain is a certificate used for a particular MobiLink synchronization server. At the other end is a certificate, signed by no other certificates, called the root certificate.

You can arrange certificates in various ways, depending on your requirements. The following sections describe how to construct and use certificate chains to achieve particular security goals. The following topics are covered:

In all cases, you must ensure that the MobiLink command line and log file are secure. This is best done using a firewall and by otherwise limiting access to the computer running the MobiLink synchronization server.

MobiLink transport-layer security is a flexible mechanism that lets you achieve the security important to your setup. The basic system allows you to keep information private, while certificates ensure MobiLink clients that they are talking to a trusted MobiLink synchronization server.


Contents Index The role of digital certificates Server authentication