Validate the BEMS SSL certificate
You can have the
BlackBerry Dynamics Launcher Libraryvalidate the SSL certificate of any
BlackBerry Enterprise Mobility Serverthat is associated with your deployment to secure the communications between the servers.
- Verify that you have a copy of theBEMSSSL certificate or theBEMSSSL certificate chain.BEMSsupports replacing theBEMSself-signed certificate with one issued by an internal or external certificate authority. If theBEMScertificate has been replaced, then you should deploy the Root CA and any intermediates or subordinate signing certificates in the chain, not the actualBEMScertificate. For more information, see Replacing the autogenerated SSL certificate in theBEMSConfiguration content.
- Verify that you have administrative access to yourGood ControlandBlackBerry UEMserver
- Verify that you have the entitlement ID:com.blackberry.feature.validatebemscertificate
- On theBEMSserver, export the SSL certificate.
- If you are using aGood Controlserver, go toCertificates > Trusted Authoritiestab,Upload New Certificateto import theBEMScertificate.
- If you are using aBlackBerry UEMserver, go toPolicies and Profiles>Certificates>CA certificateto add the certificate and assign it to users. For more information, see Assign the BEMS SSL certificate to users.
- Assign the entitlement ID to users. Do one of the following:
- Assign it to the Everyone user group.
- Create a user group of only those users you want to assign it to.
- Assign it to individual users.
When a user's certificate is about to expire, they will be notified and will have the ability to renew them through
BlackBerry Dynamics Launcher.