Appendix 1: How to set up Dell/Wyse WTOS thin clients
Dell/Wyse WTOS version 8.3.1 (8.3 Build 108) and above thin clients can be configured to use Lynx for prox card and other services. This appendix describes how to configure WTOS thin clients using FTP and a wnos.ini file, or using the GUI configuration tools on the thin client itself. This appendix does not cover how to use Wyse Device Manager (WDM) software to configure WTOS thin clients to use Lynx. However, by looking at the FTP and wnos.ini file section below, you should be able to determine the settings to use in WDM.
About Certificates
All communications between Lynx and WTOS thin clients are secured using mutual certificate authentication over the HTTPS protocol. What is mutual certificate authentication? In a nutshell, this means that BOTH the client and the server must present a certificate to each other to prove that each party is who they say they are and that they are authorized to communicate with the other party. In other words, when the client makes a connection to the server, the following steps are taken:
Client connects to server.
Note
The client is always the initiating party, i.e., it always connects to the server first. The server never initiates the connection.
Server presents its public certificate to the client. This is the certificate that you configured by specifying the certificate thumbprint in the Lynx PowerShell script.
Client verifies that the server certificate is valid and is trusted.
Client then presents its public certificate to the server. See below for the steps to install the client certificate on the client.
Server verifies that the client certificate is valid and is trusted.
After all the above steps are performed successfully, only then is a secure communication channel established and data is exchanged.
As you can see, the server needs its own certificate, and the client needs its own certificate which is not the same as the server certificate.