cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to send the root CA certificates to mobiles for Afaria client

Former Member

on ‎11-24-2013 8:55 AM

0 Kudos

Hi All,

We have root CA certificate. It has to install before installing afaria client.

What is the most user friendly way to send CA certificate to all users mobile.

We have one web server, this server we can access from out side. This having HTML file . This HTML file having a button, if user client on the button then certificate will get download. This is our requirement.

We tried by downloading certificate, it is not downloading But other files like pdf, txt we can download, certificate we can't able to download.

Ho to resolve this

Thanks in advance

suresh

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎11-24-2013 9:07 AM
0 Kudos

Please confirm the type of device .

Show replies
Show replies
Former Member
‎11-24-2013 10:00 AM
0 Kudos

Hi chetan,

thanks for reply,

any type of mobile device. we will tell the web server URL to all users, so that they will go to link and click button, then certificate has to download.

Thanks

suresh

Former Member
‎11-24-2013 10:03 AM
0 Kudos

Why do you need the root cert before the client. You can have the client install it

Peter

Former Member
‎11-24-2013 10:35 AM
0 Kudos

Hi peter,

To install the Afaria client, it require our organizations certificate need to be installed and has to appear in installed trusted certificate list.

thanks in advance

suresh

Former Member
‎11-24-2013 10:42 AM
0 Kudos

Is it because the download link is behind SSL (self-signed) or where does the requirement come from?

for iOS you can MDM enroll with self-signed by just adding the root cert in the enrollment server installation. Then the enrollment server will make sure to send down the root cert along with the enrollment.

For Android (and Windows Mobile) running XNet(s) you need to have the cert, but several options

1) run the first channel without SSL and then send to root cert and switch the clients to use SSL for the next sessions

2) run with a 3rd party root cert already trusted on the device. This is ALWAYS the easiest and the relative low cost of cert will always make this my favorite option. Always and for all device types!!

Peter

Former Member
‎11-24-2013 12:57 PM
0 Kudos

Hi Peter,

We are planing to use afaria self service portal to install the afaria client on user mobile.

For this we our certificate need to be installed in user mobile. Is it possible to modify the portal, so that if user click any button our certificate will download and install in his mobile.

In android case

1) run the first channel without SSL and then send to root cert and switch the clients to use SSL for the next sessions

we are not getting this, can you please elaborate


thanks in advance.

suresh

Former Member
‎11-25-2013 9:04 AM
0 Kudos

Ahh.. So you're just talking about root cert for EUSSP 🙂 The Android and iOS cases were for device communication. For SSP I'd always just go with a trusted 3rd party cert. If you don't need insurance for your web shop (you don't in this case) then SSL certs are dirt cheap and not worth the effort of working around.

If you MUST use your own, then you CAN modify the SSP...

Ask a Question