Configure BlackBerry Dynamics apps to use app-based certificates Skip Navigation

Configure
BlackBerry Dynamics
apps to use app-based certificates

BlackBerry Dynamics
apps automatically select which certificate to use for S/MIME and for authentication over TLS connections based on the key usage and extended key usage properties in the certificates. If two or more certificates have same set of properties, apps may not be able to resolve which certificate to use for TLS authentication. You can help apps determine which certificate to use by following the steps below.
Make sure you have completed one of the following:
  1. In the
    UEM
    management console, on the menu bar, click
    Apps
    .
  2. In the app list, select the app (for example,
    BlackBerry Work
    or
    BlackBerry Access
    ).
  3. Select the
    Allow BlackBerry Dynamics apps to use user certificates, SCEP profiles, and user credential profiles
    check box.
  4. If you are configuring
    BlackBerry Work
    , in the
    App configuration
    section, click The Add icon and perform one of the following tasks:
    Task
    Steps
    Configure
    BlackBerry Work
    when your organization is using
    BEMS
    1. On the
      Basic Configuration
      tab, in the
      Security Settings
      section, select the
      Use client certificate in place of login/password
      checkbox.
    2. To enable automatic discovery of the
      Microsoft Exchange
      server that the users are on, in the
      Client Settings
      section, select the
      Use BEMS to perform Autodiscover of the EAS/EWS endpoint for the user
      checkbox.
    3. On the
      Advanced Configuration
      tab, in the
      TLS Certificate Settings
      section, type the name of the user credential profile for the device.
    Configure
    BlackBerry Work
    when your organization is not using
    BEMS
    1. Click the
      Basic Configuration
      tab.
    2. If your server uses the domain name\user login format, in the
      Exchange ActiveSync Settings
      section, in the
      Default Domain
      field, specify the default
      Windows NT
      Domain that
      BlackBerry Work
      connects to when users log in.
    3. In the
      Active Sync Server
      field, specify the default
      Exchange ActiveSync
      server that
      BlackBerry Work
      connects to when users log in to
      BlackBerry Work
      (for example, cas.mydomain.com).
    4. In the
      Autodiscover URL
      field, specify the autodiscover URL, if known. This speeds up the auto discover setup process (for example, https://autodiscover.mydomain.com).
    5. In the
      Autodiscover Connection Timeout in Seconds (iOS only)
      field, specify the autodiscover connection timeout in seconds.
    6. In the
      TLS Certificate Settings
      section, in the
      User Credential Profile Name
      field, type the name of the user credential profile.
  5. Click
    Save
    .
Create app-based PKI solution to use with the following devices: