Entrust PKI as a Service

Configuring Workspace ONE in PKIaaS

Configure a PKIaaS workflow to process MDM (Mobile Device Management) Workspace ONE enrollment requests.

To configure an MDM Workspace ONE workflow in PKIaaS:

  1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of the following roles:

  2. Click Enrollment Workflows in the sidebar.

    Enrollment Workflows

  3. Click Create Workflow Configuration.

  4. Click MDM and then Workspace ONE.

    Enrollment Workflows

  5. Configure following settings.

    Field Value
    Workflow Configuration Identifier Enter a unique identifier for the new configuration in your PKI. This identifier must contain 2–18 characters and can only include lowercase letters, numbers, hyphens (’-’), and underscores (’_’).
    Description Enter an optional description of the protocol purpose.
    CA Identifier Select an issuing subordinate authority with profiles of the mdmws group.

  6. Click Create.

  7. In the confirmation window, select the Create > Digital IDs tab.

    IMG

  8. Configure the following settings.

    Field Value
    Digital ID Enter a unique name of the new digital identifier.
    Parent DN Enter the parent Distinguished Name (DN) for building the RDN of a certificate. This value is appended to the end of the Subject DN after the RDN Format variables have been processed.
    RDN Format Enter the Relative Distinguished Name (RDN) format to build certificate Subject Names.
    CA Identifier Select an issuing subordinate authority with profiles of the mdmws group.
    Profile ID Select the mdmws profile to process the enrollment requests.

  9. Click Create.

  10. Copy the URLs under the Web Service URL and SCEP URL fields of the confirmation dialog.

    IMG

  11. Click Enrollment Workflows in the sidebar.

  12. Click the name of the new enrollment protocol in the protocols list.

  13. Select Create > Credentials and enter a username with the following requirements:

    • 2-18 characters long.
    • Only includes lowercase letters, numbers, hyphens (’-’), and underscores (’_’).

  14. Click Create.

  15. Copy the Password value displayed in the confirmation dialog.

    IMG

    ⚠ As stated in the confirmation dialog before leaving this page, Entrust PKIaaS will not display the credential password again. However, you can generate a new one with the Regenerate Password button.