Alexandre Posted June 14 Posted June 14 Hello, We are a PKI vendor company, and are seeking to integrate our solution with Workspace ONE UEM, so that certificates issued by our PKI can be delivered on devices managed by Workspace ONE UEM. We currently have a working integration based on SCEP, that works well and is actually deployed and used by some of our customers. But we have new requests from these customers that would require us to issue certificates in PKCS#12 format, so that we have the ability to escrow the private key: more precisely the use case is the issuance of encryption certificates. How should we proceed to get that integration done? Are there APIs that we could either use or implement to achieve that goal?
Employee Sascha Warno Posted June 14 Employee Posted June 14 What should be encrypted? Do they want to use it for SMIME? For that we got the Escrow gateway. https://docs.omnissa.com/bundle/CredentialEscrowGatewayV2310/page/OverviewofCredentialEscrowGateway.html You can use it together with the credentials payload.
Alexandre Posted June 17 Author Posted June 17 (edited) Hi Sasha, Thanks very much for your reply! The Escrow Gateway seems interesting for some of our customers: where can we grab more information, like the calls for the Credential Provider? The documentation gives some good insights already, but not the details of the calls. Also i'm not sure this architecture would fit in some use cases, where we need to be able to recover the certificate/key onto another device, such as a smart card. Edited June 17 by loopkin
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now