Create a certificate mapping profile

Create any SCEP, user credential, or shared certificate profiles required to send certificates to devices and assign the profiles to users or groups.

On the menu bar, click

Policies and Profiles

Click Certificates > Certificate mapping.

Click

Type a name and description for the profile. Each certificate profile must have a unique name.

In the mapping table, click The Add icon

Under

Destination URI

, select one of the following options:

Select

None

if the app won’t use the certificate to authenticate a connection with a resource.

Select

Any

if the app can use the certificate to authenticate a connection with any resource.

Select

Specified host:port

and type the host and port if the app can use the certificate to authenticate with a specific resource.

Under

App certificate

, perform one of the following actions:

To specify that the app must use a certificate sent to the device by another profile, select

Selected certificate

and select the profile name from the drop-down list.

To specify that the app must use a certificate sent to the device by a third-party source, select

Certificate alias

and type the alias for the certificate. If you do not know the alias, consult the documentation or administrator for the certificate provider.

To specify that the app must use a certificate sent to the device by another profile, select

Selected certificate

and select the profile name from the drop-down list.

Under

Allowed apps for destination URI

, perform one of the following actions:

To allow any managed app to request the specified certificate, select

Any apps in workspace

To allow only specified apps to request the certificate, select

Specified apps

and click

to specify one or more apps.

If necessary, repeat steps 5 to 8 to add to additional mappings to the profile.

Click

Add

Assign the profile to user accounts and user groups.

If necessary, rank profiles.