cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

User Certificate distribution with own CA via Afaria

Go to solution
Former Member

on ‎04-29-2015 1:05 PM

0 Kudos

Hi there

We have our own enterprise certificate authority Server (Microsoft Native).

We have already been able to request user certificates, get them on the device and use them for WiFi-Access. Still we have some questions concerning certificate handling.

In the Server-Configuration (Afaria 7 SP5) at Server -> Configuration -> Certificate Authority we found the Checkbox for "Revocation".

The Afaria Documentation describes the Checkbox like this:

"Revocation: Enable to allow users to revoke the certificate".

Who are the 'users' in this sentence? The Users for whom certificates have been requested? If this checkbox is not ticked, is it not possible to revoke certificates via CRL from the server?

Kind regards, Tobias

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

keith_nunn
Active Participant
‎04-29-2015 2:44 PM
0 Kudos

Hi, Tobias.

The "users" in this case would be the people assigned as Afaria administrators and granted proper privileges through the Afaria Administrator roles to revoke certificates for devices.  The device owners cannot revoke their own certificates. 

If the "Revocation" box is not checked you won't see the "Revoke Certificates" icon appear when highlighting a device from the Device Certificates views.  So you cannot revoke the certificates from within the Afaria Administrator.  You could still revoke them from the CA itself, however.

Let me know if you have further questions.

Thanks,

Keith Nunn
SAP Active Global Support

Show replies
Show replies
former_member202810
Explorer
‎04-29-2015 8:44 PM
0 Kudos

Does Afaria provide any mechanism to track the validity of each certificate- for e.g., the MDM certs, APNS certs for iOS which typically expire in 1-3 years?

Regards,

Brijesh

keith_nunn
Active Participant
‎04-29-2015 9:10 PM
0 Kudos

Hi, Brijesh.

Afaria does not currently actively track the expiration of the enterprise APNS certificates.  You can view the certificate details from the Administrator but it's up to the Afaria Administrator user(s) to ensure the certificates are renewed before they expire. 

I know product management is aware of the desire for this feature in the future.  If you want to add your voice you can submit a product enhancement request to the SAP Idea Place or get in touch with your account representative to find out if it's already a planned feature on the road map.

Thanks,

Keith Nunn
SAP Active Global Support

former_member202810
Explorer
‎04-29-2015 9:18 PM
0 Kudos

Thanks for the prompt response Keith.

Regards,

Brijesh

Former Member
‎04-30-2015 1:14 PM
0 Kudos

Thanks for the quick response!

Answers (0)

Ask a Question