Jump to content

Recommended Posts

Posted

Hello

Have anyone got the Certificate Authorit integration to EJBCA to work?

We trying to get it work. But recives error: 

AirWatch.CloudConnector.CertificateService.CertificateService_EJBCA    testConnectionRequest.AuthenticationCertificate/AuthorityURL cannot be null or empty. Method: AirWatch.CloudConnector.CertificateService.CertificateService_EJBCA;

Authority type: EJBCA

ServerURL: https://MY-PKI/ejbca/ejbcaws/ejbcaws

Cert: Certificate.crt

It dosent matter what we write in the server URL, we always get that error. 

  • Like 1
Posted

Hello,

we finally get it to work after some debugging. And I have discussed this in the github link that @Szymon Frankiewicz discussed as well.

First issue were that we uploaded wrong certificate to the integration in UEM as well as to ACC certstore. Then we had an issue on our LB in front of the EJBCA nodes where we terminated SSL handshake and broke the certificate auth to EJBCA.

After that were fixed we could issue certificates. But if we added SAN attributes to the certificate template in UEM we could not issue certificate anymore. We found out that UEM seems to remove spaces from the CA name in the reqest to EJBCA when we added SAN attributes. 

As workaround we removed all spaces in the CA name in EJBCA and then we could issue certifcates with SAN attribute. We are currently discussing this "space issue" with our PSO contact to see if its a bug in UEM / ACC.

  • Like 1
  • Celebrate 2

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...