- What is the BlackBerry Dynamics SDK?
- Requirements and support for platform-specific features
- Software requirements
- Using an entitlement ID and version to uniquely identify a BlackBerry Dynamics app
- FIPS compliance
- Declaring a URL type to support BlackBerry Dynamics features
- App UI restrictions
- Requirements and prerequisites for iOS platform features
- Supported TLS protocols and cipher suites
- Steps to get started with the BlackBerry Dynamics SDK
- Integrating optional features
- Preventing password autofill in the app UI
- Enforcing local compliance actions
- Adding custom policies for your app to the UEM management console
- Add a watermark to the screens in a BlackBerry Dynamics app
- Allow unencrypted data to be copied to the pasteboard
- Replace the default splash screen for inactive apps
- Prompt the user to update a BlackBerry Dynamics app
- Support for Apple Watch
- Adding a custom logo and colors with the branding API
- Using zero sign-on for SaaS services through BlackBerry Enterprise Identity
- Integrating BlackBerry Enterprise Mobility Server services
- Enabling microphone and camera support with WebRTC
- Integrating BlackBerry Analytics
- Sample apps
- Testing and troubleshooting
- Deploying your BlackBerry Dynamics app
- Deploying certificates to BlackBerry Dynamics apps
Certificate requirements
- Client certificates must be in PKCS12 format, with the Certificate Authority (CA), public key, and private key in the same file.
- The PKCS12 file must have a .p12 or .pfx extension
- The PKCS12 file must be password-protected
- The source of the certificate can be your own internal CA, a well-known public CA, or an online tool such asOpenSSLor theJavakeytool. You can use the following keytool example to generate a certificate, substituting your own values as required:
keytool -genkeypair -alias good123 -keystore good123.pfx -storepass good123 -validity 365 -keyalg RSA -keysize 2048 -storetype pkcs12
- If the organization’s security policy uses FIPS standards, Personal Information Exchange files must be encrypted with FIPS-strength ciphers. If Personal Information Exchange files use a weak cipher, which is common for third-party applications when exporting identity material, you can use a tool likeOpenSSLto re-encrypt the files with a FIPS-strength cipher. See the following example:
openssl pkcs12 -in weak.p12 -nodes -out decrypted.pem<enter password>openssl pkcs12 -export -in decrypted.pem -keypbe AES-128-CBC -certpbe AES-128-CBC -out strong.p12<enter password>rm decrypted.pem