Intermec CN3 User Manual page 184

Chapter 5 — Network Support
170
TLS (EAP-TLS)
EAP-TLS is a protocol that is based on the TLS (Transport Layer Security)
protocol widely used to secure web sites. This requires both the user and
authentication server have certificates for mutual authentication. While
cryptically strong, this requires corporations that deploy this to maintain a
certificate infrastructure for all their users.
Use "TLS" to configure using EAP-TLS as an authentication protocol, pick
"Open," "WPA," "WPA2," or "Network EAP" as an association mode.
To configure TLS settings
1 Set 8021x Security as "TLS, then choose any of the following:
• Set Association to "Open."
• Set Association to "WPA."
• Set Association to "WPA2" and Encryption to "TKIP" or "AES."
• Set Association to "Network EAP" and Encryption to either "WEP"
or "CKIP."
2 Enter your unique Subject Name and User Name of the corresponding
certificate installed on your CN3 to use this protocol.
3 Tap Get Certificates to obtain or import server certificates
4 Tap Additional Settings to set server certificate validation and trust.
To configure additional TLS settings
1 Check Validate Server Certificate to verify the identity of the
authentication server based on its certificate when using TLS.
2 Tap Root CA, select a root certificate, then tap OK to return to the TLS
settings.
3 Enter the Common Names of trusted servers. If these fields are left
blank, the client will accept any authentication server with a valid
certificate. For increased security, you should specify exactly which
authentication servers you expect to use.
(page
CN3 Mobile Computer User's Manual
173).