Avalanche powered by Wavelink
This page refers to an older version of the product.View the current version of the User Guide.
Certificate Management
Avalanche allows you to manage the deployment and management of certificates for your AIDC mobile devices through integration with Microsoft SCEP. This enables automated querying and distribution of certificates at the device level, removing the need for manual requests that require waiting and hands-on distribution.
The Certificate Manager requires additional licensing to utilize in tandem with Avalanche. To obtain a license, contact Wavelink Support for assistance.
1.Configure the Certificate Management Server. The server is an optional component available for installation with the Avalanche Enterprise Server. Once installed, you must set up the server to allow for secure communication between it and the Avalanche Enabler. For more information, see Configuring the Certificate Management Server.
2.Set up SCEP on your server. Prior to integration with Avalanche, you must have a Simple Certificate Enrollment Protocol (SCEP) set up on your Windows server that is accessible by Avalanche. In addition, you must configure your Microsoft SCEP server to enable Single Password Mode, issue certificates automatically, and communicate securely via SSL. For steps on performing these configurations, see Configuring the SCEP Server. To set up SCEP on your server, see the Windows Server Help.
3.Configure certificate authentication. To enable certificate authorization between devices and the certificate authority server, you must set up additional network policies and edit the registry on your SCEP server. For more information, see Setting Up Certificate Authentication.
4.Add SCEP credentials in System Settings. Provide the credentials needed to connect with your SCEP server. To communicate with an existing certificate authority, Avalanche must have access to communicate with the certificate management server. You can add multiple Certificate Authorities from this page and assign network and mobile device profiles to them individually. For more information on adding Certificate Authorities, see Configuring General System Settings.
5.Edit your Network Profile. To allow certificate requests and define when a certificate expires, you must create or edit a Network Profile, use the EAP-TLS encryption protocol, and select the Certificate Authority that network gives access to. From here, you can validate certificates, select certificate sources, and set certificates to renew automatically. For more information, see Configuring WLAN Settings.
6.Edit your Mobile Device Profile. To give devices access to the certificate management server, you must add its IP or hostname on a Mobile Device Profile. For more information, see Managing AIDC Mobile Device Profiles.
7.Deploy to devices. Deploy the changes to your profiles to all enrolled mobile devices associated and accept the certificates for secure communication. For more information, see Deploying Certificates.
After performing these steps, Avalanche can communicate with your Microsoft SCEP server to automatically request and distribute certificates to your enrolled AIDC mobile devices.
This page refers to an older version of the product.View the current version of the User Guide.
The topic was:
Inaccurate
Incomplete
Not what I expected
Other
Copyright © 2017, Ivanti. All rights reserved.