Posted November 8, 2024Nov 8 Hello Have anyone got the Certificate Authorit integration to EJBCA to work? We trying to get it work. But recives error: AirWatch.CloudConnector.CertificateService.CertificateService_EJBCA testConnectionRequest.AuthenticationCertificate/AuthorityURL cannot be null or empty. Method: AirWatch.CloudConnector.CertificateService.CertificateService_EJBCA; Authority type: EJBCA ServerURL: https://MY-PKI/ejbca/ejbcaws/ejbcaws Cert: Certificate.crt It dosent matter what we write in the server URL, we always get that error.
November 14, 2024Nov 14 Community Expert You looked at this article it will leave integration with EJBCA. Integrate EJBCA as a Certificate Authority in Workspace ONE UEM - vEUCaddict I also found a problem described on the EJBCA project's GITHub. Maybe something can be determined. https://github.com/Keyfactor/ejbca-ce/discussions/638
November 18, 2024Nov 18 Old blog post reference but Sidney had a good article around this: https://veucaddict.com/blog/integrate-ejbca-certificate-authority-in-workspace-one-uem/
November 18, 2024Nov 18 Employee Put your ACC logs into debug. Is the private key available on the ACC servers machine key store? Debug logs will give you more info.
November 19, 2024Nov 19 Author Hello, we finally get it to work after some debugging. And I have discussed this in the github link that @Szymon Frankiewicz discussed as well. First issue were that we uploaded wrong certificate to the integration in UEM as well as to ACC certstore. Then we had an issue on our LB in front of the EJBCA nodes where we terminated SSL handshake and broke the certificate auth to EJBCA. After that were fixed we could issue certificates. But if we added SAN attributes to the certificate template in UEM we could not issue certificate anymore. We found out that UEM seems to remove spaces from the CA name in the reqest to EJBCA when we added SAN attributes. As workaround we removed all spaces in the CA name in EJBCA and then we could issue certifcates with SAN attribute. We are currently discussing this "space issue" with our PSO contact to see if its a bug in UEM / ACC.
January 16Jan 16 EJBCA has a bug when issuing certificates. Nothing has changed since October. We are using an old version of the Cloud Connector. Sad that Workspace One did not know about the bug. Good support looks different. Edited January 16Jan 16 by SebastianB
_community.png.fc103fd33135c37173c833e0668f98ef_8b6b64.png)
_community.png.fc103fd33135c37173c833e0668f98ef_852a12.png)
Create an account or sign in to comment