Providing client certificates to devices and apps
You and users can send client certificates to devices and apps in several ways.
How the certificate is added | Description | Supported devices |
|---|---|---|
During device activation | BlackBerry UEM sends certificates to devices during the activation process. Devices use these certificates to establish secure connections between the device and UEM . | All |
You can create SCEP profiles that devices use to connect to, and obtain client certificates from, your organization's CA using a SCEP service. Devices and BlackBerry
Dynamics apps can use these certificates for certificate-based authentication and to connect to your work Wi-Fi network, work VPN, and work mail server. | iOS macOS Android Windows 10 | |
If your organization uses a PKI solution, such as Entrust or OpenTrust software products, to issue and manage certificates, you can create user credential profiles that devices use to get client certificates from your organization's CA. BlackBerry
Dynamics enabled devices use these certificates for certificate-based authentication from BlackBerry
Dynamics apps. Other devices use these certificates for certificate-based authentication from the browser, and to connect to your work Wi-Fi network, work VPN, and work mail server. | iOS macOS (for BlackBerry Access only)Android Windows 10 (for BlackBerry Access only) | |
A shared certificate profile specifies a client certificate that UEM sends to iOS , macOS , and Android devices. UEM sends the same client certificate to every user that the profile is assigned to.The administrator must have access to the certificate and private key to create a shared certificate profile. | iOS macOS Android | |
You can add a client certificate to a user account. UEM can send the certificate to the user's iOS and Android devices.If the certificate is associated with a user credential profile, devices can use these certificates to connect to your work Wi-Fi network, work VPN, and work mail server.The administrator must have access to the certificate and private key to send the client certificate to the user. | iOS Android | |
Users can upload certificates to BlackBerry UEM Self-Service . UEM then pushes the certificate to the users' devices.If the certificate is associated with a user credential profile, devices and BlackBerry
Dynamics apps can use these certificates for certificate-based authentication and to connect to your work Wi-Fi network, work VPN, and work mail server. | iOS Android | |
Users can add certificates to the device native keystore for use with BlackBerry
Dynamics apps. | Android |