Certificate
Certificate policy lets you deploy server CA certificates to secure and configure features such as Wi-Fi, E-mail, etc., on the managed devices. This policy is used to deploy certificates to windows devices, ideally to secure and validate network communications from the device to any internal/external website. By pushing certificates to device, you can secure access to networks/servers, secure e-mail communication, etc., For example, you can deploy CA certificates to the managed devices, if your organization uses S/MIME to connect to a network/server. The certificates pushed to the device ensures the devices trust the enterprise CA. The supported certificate formats are .cer, .crt, .pem, and .der.
Note: For scalable and simplified distribution of certificates in large organizations, you can configure Simple Certificate Enrollment Protocol (SCEP)
Profile Description
Profile Specification | Description |
---|---|
Certificate File | The file to be pushed to the managed devices. |
- The certificates are added only if the certificate files are not corrupt.
- On certificate expiry, upload the renewed certificate as a new certificate in the profile and then push it to the managed devices.