Skip to main content

Configuration of SureMDM CA in SureMDM

This guide explains how to configure SureMDM CA from the SureMDM Console for certificate-based device management. It is intended for administrators who want a clear and self-service workflow to set up certificate settings, apply them to enrolled devices, and manage certificate lifecycle actions such as renewal, revocation, and certificate chain download. Follow the steps in sequence to ensure the configuration is applied correctly.

To configure SureMDM CA in SureMDM, follow these steps:

  1. Log in to SureMDM Console.

  2. Navigate to Account Settings > Certificate Management

  3. Select SureMDM CA as the Certificate Management Method.

  4. Configure the following Certificate settings and click Save.

SettingsDescription
Certificate Renewal PeriodRenews the certificate automatically before the specified days/weeks/months/years.
Common Name WildcardUse the drop-down menu to select the CN Type and enter the Common name in the corresponding data entry field if the Common Name Wildcard/values.
To fetch values from the device, we are using custom wildcard values. For example, Principal Name \= %upn%, RFC822 Name= %emailaddress%
Supported wildcards for CN are:
• PRINCIPAL NAME
• RFC822 NAME
• REGISTERED ID
• DIRECTORY NAME
• DNS NAME
• IP ADDRESS
• GUID
• URL
• SID
Subject Alternate Name WildcardUse the drop-down menu to select the SAN Type and enter the Common name in the corresponding data entry field if the Common Name Wildcard/values.
To fetch values from the device, we are using custom wildcard values. For example, Principal Name \= %upn%, RFC822 Name= %emailaddress%
Supported wildcards for SAN are:
• PRINCIPAL NAME
• RFC822 NAME
• REGISTERED ID
• DIRECTORY NAME
• DNS NAME
• IP ADDRESS
• OTHER NAME
• GUID
• URL
• SID
  1. Once the SureMDM CA configuration is complete, enroll the required devices and deploy the certificate profile to them. For more information, see Certificate Profile Deployment.
  2. Click Get Managed Certificates to renew or revoke the certificate manually.
  3. Click Download to download the certificate chain used by SureMDM CA.
    The downloaded ZIP file contains the following certificates:
  • Root CA Certificate
    Example:
    42Gears_Root_CA.cer
  • Intermediate CA Certificate(s)
    Examples:
    42Gears_\<CustomerID>_Intermediate_CA.cer
    42Gears_XXXXXXXX_Intermediate_CA.cer