When a remote operator launches a remote session on a managed device through ZENworks Control Center, a certificate that helps the managed device to identify the remote operator is automatically generated by ZENworks if an internal CA is used. However, if an external CA is used, the remote operator needs to manually provide the certificate that is chained to the deployed external CA and is certified for SSL Client Authentication. For more information on using the external CA, see in Section 2.8, Starting Remote Management Operations.
If a remote operator launches a remote operation on a managed device without providing a certificate, the name of the remote operator is recorded as in the audit logs, the Visible Signal and the Ask User Permission dialog box. To ensure that the remote operator provides the certificate, deselect in the Remote Management policy.