Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.17
  3. Administration
  4. Securing connections using PKI
  5. Integrating BlackBerry UEM with your organization's PKI software
  6. Connect BlackBerry UEM to a BlackBerry Dynamics PKI connector

Connect
BlackBerry UEM
 to a
BlackBerry Dynamics
 PKI connector

If you want to use your organization's PKI software to enroll certificates for
BlackBerry Dynamics
 apps, and your PKI software isn't supported for a direct connection with
BlackBerry UEM
, you can set up a
BlackBerry Dynamics
 PKI connector to communicate with your CA and link
BlackBerry UEM
 to the PKI connector. In a
BlackBerry UEM Cloud
 environment, you must have a
BlackBerry Connectivity Node
 installed to allow
BlackBerry UEM
 to communicate with the PKI connector through the
BlackBerry Cloud Connector
.
A PKI connector is a set of
Java
 programs and web services on a back-end server that allows
BlackBerry UEM
 to send certificate requests and receive responses from the CA.
BlackBerry UEM
 uses the
BlackBerry Dynamics
 user certificate management protocol to communicate with the PKI connector. This protocol runs over HTTPS and defines JSON-formatted messages. For more information on setting up a
BlackBerry Dynamics
 PKI connector, see the User Certificate Management Protocol and PKI Connector documentation.
Set up a
BlackBerry Dynamics
 PKI connector.
  1. On the menu bar, click
    Settings > External integration > Certificate authority
    .
  2. Click
    Add a BlackBerry Dynamics PKI connection
    .
  3. In the
    Connection name
     field, type a name for the connection.
  4. In the
    URL
     field, type the URL of the PKI connector.
  5. Select one of the following options:
    • Authenticate with username and password
      : Choose this option if
      BlackBerry UEM
       authenticates with the
      BlackBerry Dynamics
       PKI Connector using password-based authentication.
    • Authenticate with client certificate
      : Choose this option if
      BlackBerry UEM
       authenticates with the
      BlackBerry Dynamics
       PKI Connector using certificate-based authentication.
  6. If you selected
    Authenticate with username and password
    , in the
    Username
     and
    Password
     fields, type the username and password for the
    BlackBerry Dynamics
     PKI connector.
  7. If you selected
    Authenticate with client certificate
    , click
    Browse
     to select and upload a certificate that is trusted by the
    BlackBerry Dynamics
     PKI Connector. In the
    Client certificate password
     field, type the password for the certificate.
  8. In the
    Trusted certificate for the PKI connector
     section you can specify the certificate that
    BlackBerry UEM
     uses to trust connections to the PKI connector, select one of the following options:
    • CA certificate from BlackBerry Control TrustStore
    • CA certificate
      : If you select this option you must click Browse to navigate to and select your organization's CA certificate.
    • PKI connector server certificate
      : If you select this option you must click Browse to navigate to and select your organization's PKI connector server certificate.
  9. To test the connection, click
    Test connection
    .
  10. Click
    Save
    .