Generating DeviceLock Certificates
DeviceLock’s Certificate Generation Tool allows you to generate DeviceLock Certificates.
We recommend that you generate only one DeviceLock Certificate and deploy its public key to all user computers. It is necessary to generate and install a new certificate only if the private key was either compromised (e.g. stolen) or lost.
To run the Certificate Generation Tool, select the Certificate Generation Tool item from the File menu in DeviceLock Enterprise Manager. To run the Certificate Generation Tool from DeviceLock Management Console (the MMC snap-in) or DeviceLock Group Policy Manager, use the shortcut menu available by a right mouse click.
The Certificate Generation Tool starts automatically during installation of DeviceLock management consoles on an administrator’s computer that has no DeviceLock Certificate.
There are two simple steps to generate the key pair:
1. Specify the name of the DeviceLock Certificate.
The Certificate Generation Tool auto-generates a name based on the current date and time, but you can type any other name.
2. Specify the path and file names for private and public keys.
Once the DeviceLock Certificate is created, the public key can be deployed to users’ computers.
Important: A newly generated DeviceLock Certificate does not automatically install on computers from the Certificate Generation Tool. You must deploy it manually from a DeviceLock management console. |
