Honeywell MX7 Laptop User Manual


 
11 - 19
Windows Certificate Store vs. Certs Path
Note: It is important that all dates are correct on the MX7 Tecton and host computers when using any type of certificate.
Certificates are date sensitive and if the date is not correct authentication will fail.
User Certificates
EAP-TLS authentication requires a user certificate. The user certificate must be stored in the Windows certificate store.
To generate the user certificate, see Generating a User Certificate (page 11-39).
To import the user certificate into the Windows certificate store, see Installing a User Certificate (page 11-43).
A Root CA certificate is also needed. Refer to the section below.
Root CA Certificates
Root CA certificates are required for EAP/TLS, PEAP/GTC and PEAP/MSCHAP. Two options are offered for storing these
certificates:
Imported into the Windows certificate store.
Copied into the Certs Path directory.
Using the Certs Path
1. See Generating a Root CA Certificate (page 11-36) and follow the instructions to download the Root Certificate to a
PC.
2. Copy the certificate to specified directory on the mobile device. The default location for Certs Path is \System. A dif-
ferent location may be specified by using the Certs Path global variable. Note the location chosen for certificate
storage should persist after a reboot.
3. When completing the Credentials screen for the desired authentication, do not check the Use MS store check box
after tapping the Validate server check box.
4. Enter the certificate name in the CA Cert textbox.
5. Tap OK to exit the Credentials screen and then Commit to save the profile changes.
Using the Windows Certificate Store
1. See Generating a Root CA Certificate (page 11-36) and follow the instructions to download the Root Certificate to a
PC.
2. To import the certificate into the Windows store, see Installing a Root CA Certificate (page 11-39).
3. When completing the Credentials screen for the desired authentication, be sure to check the Use MS store check
box after tapping the Validate server check box.
4. The default is to use all certificates in the store. If this is OK, skip to the last step.
5. Otherwise, to select a specific certificate tap on the Browse (…) button.