Configuring secure connections to your mail server when you enable the BlackBerry Secure Gateway
BlackBerry Secure Gateway
If you enable the
BlackBerry Secure Gateway
to provide a secure connection through BlackBerry UEM
between your organization's mail server and iOS
and iPadOS
devices with the MDM controls
activation type, you may need to configure BlackBerry UEM
to make secure connections to Exchange ActiveSync
or the Active
Directory
identity provider.If your environment includes
iOS
and iPadOS
13.0 and later devices and you use modern authentication to connect to Microsoft Exchange
Online
, you must add the certificate (or the root certificate) of the identity provider to BlackBerry UEM
. The BlackBerry Secure Gateway
requires the certificate to trust the identity provider when it establishes the connection. You will also need to specify the the discovery endpoint and mail server resource for modern authenticationIf your
Exchange ActiveSync
server is configured to require a TLS connection, you must add the Exchange ActiveSync
server certificate (or the root certificate) to BlackBerry UEM
. The BlackBerry Secure Gateway
requires the certificate to trust the Exchange ActiveSync
server when it establishes the TLS/SSL connection. Depending on the security requirements of your Exchange ActiveSync
server, you may also need to update the list of TLS versions and ciphers that the BlackBerry Secure Gateway
can use for authentication with Exchange ActiveSync
.