HomeGuidesAPI Reference
Get Started

Install SCEP certificate on Windows using Workspace ONE UEM [old versions]

Suggest Edits

Download Workspace ONE Intelligent Hub

Download Workspace one Intelligent Hub for Windows from here.

1318

Workspace ONE Intelligent Hub

Install

Install Intelligent Hub and log in using your credentials. The Windows device will appear on Workspace one UEM.

Login

Login to VMware AirWatch using your credentials.

850

Login Screen vmware airwatch

Create Profiles

After connecting from Workspace one intelligent hub from Windows, your device will appear on VMware AirWatch. Go to Devices → List View, you will be able to see your Windows device.

3306

List View of Devices

We need to create two profiles one for Device and another for User.
Device Profile - CA certificate
Click on the Devices → Profiles and Resources → Profiles → Add
Click on Add Profile and Select Windows and then Windows Desktop and select Device Profile.

1288

Add Profile

Configuration for Device Profile for Foxpass CA certificate

  • Select General and apply the following settings:
  • Name - ‘Any reference name’
  • Deployment - Managed
  • Assignment type - Auto
  • Allow Removal - Always
  • Managed by - ‘Your Administrator ID’
  • Smart Groups - Add all the possible groups from the dropdown.
  • Exclusions - No
  • Click on Save and Publish.
2472

Device Profile - General

Now select Credentials and apply the following settings:

  • Credential Source Defined Certificate Authority → Select Upload
  • Certificate → Click on the Upload button and upload the CA certificate downloaded from Foxpass. (The CA certificate can be obtained by clicking on the ‘Download Certificate’ on EAP-TLS page).
  • Certificate Store → Select Trusted Root
  • Click on Save and Publish.
Download Client CA

Download Client CA

3044

Device Profile - Credentials

User Profile - Foxpass SCEP certificate
Click on the Devices → Profiles and Resources → Profiles → Add
Click on Add Profile and Select Windows and then Windows Desktop and select User Profile.

Configuration for User Profile for Foxpass SCEP certificate

  • Select General and configure:
  • Name - ‘Any reference name’
  • Deployment - Managed
  • Assignment type - Auto
  • Allow Removal - Always
  • Managed by - ‘Your Administrator ID’
  • Smart Groups - Add all the possible groups from the dropdown.
  • Exclusions - No
  • Click on Save and Publish.
3044

User profile - General

Now configure Credentials:

  • Credential Source - Select ‘Defined Certificate Authority from the dropdown.
  • Certificate Authority - Select Foxpass from the dropdown.
  • Certificate Template - Foxpass
  • Key Location - TPM if present
  • Certificate Store - Personal
  • Save and Publish
3056

User Profile - Credentials

Check Certificate Authority

Go to Device → Certificates → Certificate Authority
Name - Foxpass CA
Authority Type - Generic SCEP
SCEP Provider - Basic
SCEP URL - Enter your unique endpoint
Challenge type - Static
Static Challenge - 'Challenge password from Foxpass'
Retry Timeout - 30
Disable the proxy and check the SCEP URL. After entering the settings test the connection

2170

Certificate Authority

Check certificates in Windows

Open certificate manager in Windows.
Select Personal → Certificates, check for the Foxpass SCEP certificate.

1480

Foxpass SCEP certificate

Now check for Foxpass CA certificate in Trusted Root Certification Authorities.

1592

Foxpass CA certificate

Updated 4 months ago