Enabling the Certificate Management Server

To enable secure communication between the Certificate Management Server and the Avalanche Enabler, you must create a certificate and edit the csm.properties file with the certificate's credentials. Then automatic certificate issuing must be enabled, so Avalanche can freely communicate with SCEP to automatically submit requests and distribute new certificates to devices. The Certificate Management Server must already be set up. For more information on setting up the Certificate Management Server, see Using the Certificate Management Server.

To edit the cms.properties file

1.Navigate to the wavelink/Avalanche/CertManager/conf folder and open the csm.properties file with a text editor.

2.Edit the values for the following parameters as needed.

InfoRail.Server. The IP address or hostname for the Avalanche InfoRail server. This value must be changed if the InfoRail server is on a different machine than the Certificate Manager.

Cert.Path. Indicates the directory path to the SSL certificate used for secure communications. If you move the certificate out of the default folder, the new location must be entered here.

Cert.Password. The password associated with the certificate from when it was first created. If the certificate password is changed, this value must also be changed.

3.Save and close the file.

4.Restart all Avalanche services.

To enable automatic certificate issuing

1.From the Microsoft SCEP console, navigate to Server Manager > Roles > Active Directory Certificate Services > [Your Certificate Authority].

2.Select the Policy Module tab.

3.Click the second option to automatically issue the certificate.

4.Click OK.

The SCEP server now allows automatic issuing of certificates.