Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.13
  3. Administration
  4. Securing connections using PKI
  5. Integrating BlackBerry UEM with your organization's PKI software
  6. Connect BlackBerry UEM to a BlackBerry Dynamics PKI Connector

Connect 
BlackBerry UEM
 to a 
BlackBerry Dynamics
 PKI Connector

If you want to use your organization's PKI software to enroll certificates for 
BlackBerry Dynamics
 apps, and your PKI software isn't supported for a direct connection with 
BlackBerry UEM
, you can set up a 
BlackBerry Dynamics
 PKI connector to communicate with your CA and link 
BlackBerry UEM
 to the PKI connector.
A PKI connector is a set of 
Java
 programs and web services on a back-end server that allows 
BlackBerry UEM
 to send certificate requests and receive responses from the CA. 
BlackBerry UEM
 uses the 
BlackBerry Dynamics
 user certificate management protocol to communicate with the PKI connector. This protocol runs over HTTPS and defines JSON-formatted messages. For more information on setting up a 
BlackBerry Dynamics
 PKI connector, see the User Certificate Management Protocol and PKI Connector documentation.
Set up a 
BlackBerry Dynamics
 PKI connector.
  1. On the menu bar, click 
    Settings > External integration > Certificate authority
    .
  2. Click 
    Add a BlackBerry Dynamics PKI connection
    .
  3. In the 
    Connection name
     field, type a name for the connection.
  4. In the 
    URL
     field, type the URL of the PKI connector.
  5. Select one of the following options:
    • Authenticate with username and password
      : Choose this option if 
      BlackBerry UEM
       authenticates with the 
      BlackBerry Dynamics
       PKI Connector using password-based authentication.
    • Authenticate with client certificate
      : Choose this option if 
      BlackBerry UEM
       authenticates with the 
      BlackBerry Dynamics
       PKI Connector using certificate-based authentication.
  6. If you selected 
    Authenticate with username and password
    , in the 
    Username
     and 
    Password
     fields, type the username and password for the 
    BlackBerry Dynamics
     PKI connector.
  7. If you selected 
    Authenticate with client certificate
    , click 
    Browse
     to select and upload a certificate that is trusted by the 
    BlackBerry Dynamics
     PKI Connector. In the 
    Client certificate password
     field, type the password for the certificate.
  8. In the 
    Trusted certificate for the PKI connector
     section you can specify the certificate that 
    BlackBerry UEM
     uses to trust connections to the PKI connector, select one of the following options:
    • CA certificate from BlackBerry Control TrustStore
        
    • CA certificate
      : If you select this option you must click Browse to navigate to and select your organization's CA certificate.
    • PKI connector server certificate
      : If you select this option you must click Browse to navigate to and select your organization's PKI connector server certificate.
  9. To test the connection, click 
    Test connection
    .
  10. Click 
    Save
    .