Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.13
  3. Administration
  4. Email, calendar, and contacts
  5. Protecting email data using the BlackBerry Secure Gateway
  6. Configuring TLS/SSL connections to Exchange ActiveSync when you enable the BlackBerry Secure Gateway

Configuring TLS/SSL connections to 
Exchange ActiveSync
 when you enable the 
BlackBerry Secure Gateway

If you enable the 
BlackBerry Secure Gateway
 to provide a secure connection through 
BlackBerry UEM
 between your organization's mail server and 
iOS
 devices with the 
MDM controls
 activation type, you may need to configure 
BlackBerry UEM
 to make TLS/SSL connections to 
Exchange ActiveSync
.
If your 
Exchange ActiveSync
 server is configured to require a TLS connection, you must add the 
Exchange ActiveSync
 server certificate (or its root certificate) to 
BlackBerry UEM
. The 
BlackBerry Secure Gateway
 requires the certificate to trust the 
Exchange ActiveSync
 server when it establishes the TLS/SSL connection.
Depending on the security requirements of your 
Exchange ActiveSync
 server, you may also need to update the list of TLS versions and ciphers that the 
BlackBerry Secure Gateway
 can use for authentication with 
Exchange ActiveSync
.