Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Work 3.17
  3. BlackBerry Work, Notes, and Tasks Administration Guide for BlackBerry UEM
  4. Managing BlackBerry Work
  5. Steps to configure email notifications for BlackBerry Work
  6. Configure email notifications for BlackBerry Work
  7. Associate a certificate with the Entra app ID for BEMS

Associate a certificate with the
Entra
 app ID for
BEMS

You can use an existing certificate from your CA server or the New-SelfSignedCertificate command to create a self-signed certificate. For more information, visit docs.microsoft.com and read New-SelfSignedCertificate.
Verify that you have the app name you assigned in
BEMS
 with certificate-based authentication.
  1. If you have a certificate issued by a CA server, go to step 2. Create a self-signed certificate.
    1. On the computer running
      Microsoft Windows
      , open the
      Windows PowerShell
      .
    2. Enter the following command:
      $cert=New-SelfSignedCertificate -Subject "CN=<
      app name
      >" -CertStoreLocation "Cert:\CurrentUser\My" -KeyExportPolicy Exportable -KeySpec Signature
      .
      Where <
      app name
      > is the name you assigned the app in step 5 of Obtain an Entra app ID for BEMS with certificate-based authentication.
    3. Press
      Enter
      .
  2. Export the certificate from the Certificate Manager. This creates the public certificate. Make sure to save the public certificate as a .CER or .PEM.
    1. On the computer running
      Windows
      , open the Certificate Manager for the logged in user.
    2. Expand
      Personal
      .
    3. Click
      Certificates
      .
    4. Right-click the <
      user
      >@<
      domain
      > and click
      All Tasks > Export
      .
    5. In the
      Certificate Export Wizard
      , click
      No, do not export private key.
      .
    6. Click
      Next
      .
    7. Select
      Base-64 encoded X.509 (.CER)
      . Click
      Next
      .
    8. Provide a name for the certificate and save it to your desktop.
    9. Click
      Next
      .
    10. Click
      Finish
      .
    11. Click
      OK
      .
  3. Upload the public certificate to associate the certificate credentials with the
    Entra
     app ID for
    BEMS
    .
    1. In portal.azure.com, open the <
      app name
      > you assigned the app in step 5 of Obtain an Entra app ID for BEMS with certificate-based authentication.
    2. Click
      Settings > Keys
      .
    3. Click
      Upload Public Key
      .
    4. Click Folder icon and navigate to the location where you exported the certificate in step 2.
    5. Click
      Open
      .
    6. Click
      Save
      .
Export the certificate in .pfx format using the Manage User Certificate MMC snap-in. Make sure to include the private key. For instructions, visit docs.microsoft.com and read Export a Certificate with the Private Key.