Configuring certificate issuance rules

The certificates are used for the device authentication on the Administration Server. All managed mobile devices must have certificates. You can configure how the certificates are issued.

To configure certificate issuance rules:

  1. In the console tree, expand the Mobile Device Management folder and select the Certificates subfolder.
  2. In the workspace of the Certificates folder, click the Configure certificate issuance rules button to open the Certificate issuance rules window.
  3. Proceed to the section with the name of a certificate type:

    Issuance of mobile certificates—To configure the issuance of certificates for the mobile devices.

    Issuance of mail certificates—To configure the issuance of mail certificates.

    Issuance of VPN certificates—To configure the issuance of VPN certificates.

  4. In the Issuance settings section, configure the issuance of the certificate:
    • Specify the certificate term in days.
    • Select a certificate source (Administration Server or Certificates are specified manually).

      Administration Server is selected as the default source of certificates.

    • Specify a certificate template (Default template, Other template).

      Configuration of templates is available if the Integration with PKI section features the integration with Public Key Infrastructure enabled.

  5. In the Automatic Updates settings section, configure automatic updates of the certificate:
    • In the Renew when certificate is to expire in (days) field, specify how many days before expiration the certificate must be renewed.
    • To enable automatic updates of certificates, select the Reissue certificate automatically if possible check box.

    A mobile certificate can be renewed manually only.

  6. In the Password protection section, enable and configure the use of a password when decrypting certificates.

    Password protection is only available for mobile certificates.

    1. Select the Prompt for password during certificate installation check box.
    2. Use the slider to define the maximum number of symbols in the password for encryption.
  7. Click OK.

See also:

Starting the Certificate Installation Wizard

Scenario: Mobile Device Management deployment

Page top