SOTI Pulse Logo

Certificate enrollment

Solved
T
TomasB
Beijer Byggmaterial AB

Hi community, when we enroll devices to Mobicontrol it prompts Google web browser (not secure website) and we need to press "Advanced" and continue to this address manually. I guess we're missing the certicate in this view. https://xxxxxxxxxx/MobiControl/WebConsole/home/global-settings/CertificateAuthority

Is there any guide that I can follow to have this setup correctly or do I need to create a ticket?

1) Is it the ADCS type I shall use? (we have an on-premis server)

2) I have exported the root.cer from the mobicontrol admin utility, is that correct to import here?

3) How to get the pfx file? 

3 years ago
SOTI MobiControl
ANSWERS
D
DJMOD@SOTI
3 years ago

Hi Tomas,

Thank you for requesting a response from SOTI Support Staff and also for providing the solution. Could you please mark this post as solution, It will help other users with similar issue.

Solution
T
TomasB
3 years ago

Like this? Is this correct?  Will it solve the issue when enroll the device without having to press advanced and continue to unsecure webpage.

SB
Simon Breuer
3 years ago

Hi Tomas.

You don't need to configure a Certificate Authority. You simply want to put the missing root certificate on the device, so it trusts the website you are opening.

1) Create a new profile under profile menu.

2) Under "Configuration" tab choose a new configuration "Certificates"

3) Upload the root certificate file.

4) Activate the switch next to the certificate

5) Save and Assign the profile to the device(s).

The root certificate is now installed on the devices in its local trusted certificate store.

T
TomasB
3 years ago

Hi Simon, thank you for your answer. But how can the profile be assigned and the certficate downloaded to the device when it's not enrolled into the enviroment?

It feels that I need to use a step before Mobicontrol. For example Stage Now for zebra devices?

T
TomasB
3 years ago

Like here in Stage Now  or in my Stage now profile .

SB
Simon Breuer
3 years ago

Oh sorry, I completely missed the fact, that the problem occurs during the enrollment process and the device isn't in MobiControl yet.

So I think you are on the right way by importing the certificate into your Stage Now profile.

T
TomasB
3 years ago

Yes, I will try that. 

1) FileMgr copy the .pem file to the device

2) CertMgr  Install the .pem certficate on the device  (I renamed the .cer to .pem

Hope I got the correct root certficate becuase its a lot of certficates on the server :-)

----BEGIN CERTIFICATE-----

lot of text here

----END CERTIFICATE-----

T
TomasB
3 years ago

It works, I don't have to press advanced and continue now.

BUT before it enrolls, chrome starts and I have unmark (help google/chrome) and then press OK and then No to syncronise contacts and booksmarks.

Is there a way to skip the google chrome start?

Similar Discussions