Entrust PKI as a Service

Configuring Ivanti in PKIaaS

Configure a PKIaaS workflow to process MDM (Mobile Device Management) Ivanti enrollment requests.

To configure an MDM Ivanti workflow in PKIaaS:

  1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of the following roles:

  2. Click Enrollment Workflows in the sidebar.

    Enrollment Workflows

  3. Click Create Workflow Configuration.

  4. Click MDM and then Ivanti Neurons.

    Enrollment Workflows

  5. Configure following settings.

    Field Value
    Workflow Configuration Identifier Enter a unique identifier for the new configuration in your PKI. This identifier must contain 2–18 characters and can only include lowercase letters, numbers, hyphens (’-’), and underscores (’_’).
    Description Enter an optional description of the workflow purpose.
    CA Identifier Select an issuing subordinate authority with profiles of the mdmws group.

  6. Click Create.

  7. In the confirmation window, select the Create > Digital IDs.

    IMG

  8. Configure the following values.

    Field Value
    Digital ID Enter a unique name of the new digital identifier.
    Parent DN Enter the parent Distinguished Name (DN) for building the RDN of a certificate. This value is appended to the end of the Subject DN after the RDN Format variables have been processed.
    RDN Format Enter the Relative Distinguished Name (RDN) format to build certificate Subject Names.
    CA Identifier Select an issuing subordinate authority with profiles of the mdmws group.
    Profile ID Select the mdmws profile to process the enrollment requests.

  9. Click Create.

  10. Copy the URLs under the Web Service URL and SCEP URL fields of the confirmation dialog.

    IMG

  11. Click Enrollment Workflows in the sidebar

  12. Click the name of the new enrollment workflow.

  13. Select Create > Credentials and enter a username with the following requirements:

    • 2-18 characters long.
    • Only includes lowercase letters, numbers, hyphens (’-’), and underscores (’_’).

  14. Click Create.

  15. Copy the Password value displayed in the confirmation dialog.

    IMG

    ⚠ As stated in the confirmation dialog before leaving this page, Entrust PKIaaS will not display the credential password again. However, you can generate a new one with the Regenerate Password button.