Process flow: Certificate enrollment using a PKI connector
- TheBlackBerry UEMadministrator creates and configures a user credential profile to obtain client certificates forBlackBerry Dynamicsapps from the enterprise CA using the organization’s PKI connector. The administrator assigns the profile to the user.
- The user installs and activates aBlackBerry Dynamicsapp. TheBlackBerry Dynamics Runtimesends a request toUEMfor a PKI certificate.
- UEMcalls the PKI connector to request the certificate.
- The PKI connector carries out any custom logic that the organization requires (for example, a user password, smart card authentication, or monitoring of certificate requests) and requests the certificate from the enterprise CA.
- The CA provides the certificate (key-pair) to the PKI connector.
- The PKI connector provides the certificate toUEM.
- UEMprovides the certificate to theBlackBerry Dynamicsapp.
- The app receives the certificate and uses it for different purposes, for example, to authenticate with the server when prompted, or to sign an email or document.