antonioaraujo Posted Tuesday at 09:15 AM Share Posted Tuesday at 09:15 AM Dear All, I hope you are fine. I am new in this community. Previously I was using the WorkspaceONE-Discussions community. I am working on an use case in which a PKCS#12 certificate needs to be uploaded to Workspace ONE UEM as shown in the image below: According to API documentation (System Management REST API V1), /users/{{userId}}/uploadsmimecerts can be used to upload MIME certificates for the enrollment user by enrollment user id. Since a new Signing certificate needs to be uploaded, is there an API to get the current Signing certificate (or Encryption, Archived) from Workspace ONE UEM? The idea is retrieving this current certificate, upload it to Archived array, and then upload the new signing certificate. Best regards Antonio Quote Link to comment Share on other sites More sharing options...
kanchan shaw Posted Tuesday at 10:45 AM Share Posted Tuesday at 10:45 AM Even I'm also facing same issue, through post man I'm able to upload cert of corresponding enrollment user, https://host/api/system/users/{id}/uploadsmimecerts. Postman is displaying a 200 status code. We can see thumbprint under edit user> certificate, but not able to see cert has been placed either Current User > Personal > Certificate or Certificate - Local Computer > Personal > Certificate can someone guide me, that would be great help Quote Link to comment Share on other sites More sharing options...
antonioaraujo Posted Tuesday at 11:07 AM Author Share Posted Tuesday at 11:07 AM (edited) Dear @kanchan shaw, I hope you are fine. Thanks for adding your question. The question I have is if there is any API to get or retrieve a certificate uploaded as Encryption, Signing or Archived from Workspace ONE UEM. Regarding to your question, I just asked one of my colleagues from Systems Team and he told me that maybe you need to create a profile, something like a SMIME profile, to push the certificate from Workspace ONE UEM to your user device. Something like this: I hope that can provide you some guidance, that is out of my scope 🙂 Best regards Antonio Edited Tuesday at 11:11 AM by antonioaraujo Add a couple of images for guidance Quote Link to comment Share on other sites More sharing options...
spg123 Posted Tuesday at 06:00 PM Share Posted Tuesday at 06:00 PM As Antonio advice, you need to create a user profile for this with the Credentials payload. However, the disadvantage of using the Workspace ONE UEM API is that it does not support uploading previous S/MIME certificates. It is only support in the web-based administration portal. So if you have an S/MIME certificate that is valid for 1 year, and you send the new one to the Workspace ONE UEM API then all other certificates will be removed and only the latest one will be there. This is OK for new S/MIME encrypted email, but any other S/MIME encrypted email that is older than 1 year will not be able to be read on the device. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.