Provisioning the Public RSA key from the Messaging Server for MBS Encryption

If you are not using Afaria, you can install the client application and then connect to the corporate LAN, using Wi-Fi or another method of your choosing, to provision devices with the required files. This allows you to seed public RSA keys to the device so that over-the-air connections to SAP Mobile Server can be mutually authenticated, which minimizes the possibility of a rogue server intercepting the initial synchronization and providing its own RSA public key.

Follow these steps to ensure that the public RSA key required for future secure communication is correctly and reliably installed.

  1. Provision the application to the device.
  2. Connect to the corporate LAN on which the SAP Mobile Server cluster is installed.
  3. Use a device connection that connects directly to SAP Mobile Server. Alternatively, you can connect using the Relay Server settings, but only if Relay Server is accessible from the corporate LAN; typically it is deployed on the DMZ.
     SAP Mobile Server seeds the client with the public key. The client uses this public key for all subsequent connections.
  4. Provide the user with instructions to reconfigure the connection properties on the device to use Relay Server from the Internet for subsequent connections.
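
The steps above mean that the first key the client receives becomes its trust anchor for every later connection. The following Python model of that behaviour is an added example, not SAP client code: `PinStore`, `connect`, the `on_corporate_lan` flag and both key byte strings are hypothetical and constructed for illustration, and the refusal to seed off the LAN stands in for the administrator following this procedure.

```python
import hashlib
import hmac

# Constructed placeholder bytes standing in for DER-encoded RSA public keys.
SERVER_KEY = b"constructed-sap-mobile-server-public-key"
ROGUE_KEY = b"constructed-rogue-server-public-key"


class KeyMismatch(Exception):
    """The presented key differs from the one seeded during provisioning."""


class PinStore:
    """Hypothetical model of a client that keeps the first key it is given."""

    def __init__(self):
        self.pin = None  # SHA-256 fingerprint of the seeded key

    def connect(self, presented_key: bytes, on_corporate_lan: bool) -> str:
        fp = hashlib.sha256(presented_key).hexdigest()
        if self.pin is None:
            # First connection: whatever key arrives now becomes the trust
            # anchor, so only accept it on the network the server lives on.
            if not on_corporate_lan:
                raise PermissionError("no seeded key; provision on the LAN first")
            self.pin = fp
            return "seeded"
        # Later connections (e.g. through Relay Server from the Internet):
        # the key must match the seeded one, compared in constant time.
        if not hmac.compare_digest(self.pin, fp):
            raise KeyMismatch("server key does not match the seeded key")
        return "verified"


def run_demo():
    """Walk the procedure and return the outcome of each connection."""
    store, outcomes = PinStore(), []
    attempts = [(ROGUE_KEY, False),   # unprovisioned device on the Internet
                (SERVER_KEY, True),   # step 3: direct connection on the LAN
                (SERVER_KEY, False),  # step 4: via Relay Server afterwards
                (ROGUE_KEY, False)]   # a different server answers later
    for key, on_lan in attempts:
        try:
            outcomes.append(store.connect(key, on_lan))
        except (PermissionError, KeyMismatch) as exc:
            outcomes.append(type(exc).__name__)
    return outcomes


if __name__ == "__main__":
    print(run_demo())
```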