More

    Certificate Management for Android: A Step-by-Step Guide

    Share On

    Digital certificates serve as electronic credentials that authenticate Android devices and enable encrypted communication. They play a crucial role in ensuring data security and privacy, simplifying the tasks of IT teams by verifying device identities, and maintaining security across various networks.

    Android Certificate Management
    Certificate Management for Android

    Digital certificates are important in Android device management for secure authentication, encryption, and maintaining code integrity. They facilitate device enrollment, management, and secure communication protocols, increasing overall security and compliance within the Android ecosystem.

    This blog will provide a step-by-step guide on managing Android digital certificates via Scalefusion, focusing on the steps and best practices for effective certificate management.

    Types of Certificates Scalefusion Supports

    • Identity Certificates: These certificates, typically in formats like .p12 or .pfx, enable apps and browsers to authenticate users for Cert Based Authentication (CBA).
    • CA Certificates: Certificates in formats such as .cer, .pem, and .der that validate the trustworthiness of the presented certificate.
    • Chained Certificates: Certificates that include a chain leading to a Leaf Node. They can encompass both identity and CA certificates, forming a hierarchical chain of issuing certificates along with the leaf certificate in their payload/body.

    NOTE: Scalefusion supports the following certificate types: PKCS12 (.p12) and PKCS1 (.cer, .pem).

    Android Certificate Configuration from the Scalefusion Dashboard

    1. Upload Certificates 

    1. Go to Device Profiles and Policies
    • Access the Scalefusion dashboard.
    • Click the Device Profiles and Policies tab.
    Certificate Management for Android
    1. Navigate to Certificate Management
    • Within the Device Profiles and Policies section, find and select Certificate Management.
    Certificate Management for Android
    1. Click Upload Certificate
    • In the Certificate Management section, click Upload Certificate.
    Certificate Management for Android
    1. Enter Certificate Details
    • In the Upload a Certificate window that appears, enter a name for the certificate.
    • Upload the certificate file by selecting it from your device.
    Certificate Management for Android
    1. Save the Certificate
    • After entering all the necessary details, click Save to upload the certificate to the dashboard.

    The uploaded certificate and its details will be displayed on the Certificate Management screen.

    2. Apply Certificates 

    1. Navigate to the Certificate
    • Go to Certificate Management, where your certificates are listed.
    Certificate Management for Android
    1. Select Publish Option
    • Click Publish under the Actions column next to the certificate you want to publish.
    Certificate Management for Android
    1. Choose Device Profiles/Devices
    • A new window will open, displaying a list of device profiles and devices configured on the Dashboard.
    • Select the device profiles/devices where you want to apply the certificate.
    Certificate Management for Android
    1. Publish the Certificate:
    • Click PUBLISH to associate the certificate with the selected device profiles/devices.

    The certificate will now be applied to the chosen device profiles/devices.

    3. Installation of Certificates on Devices (OS9 and below)

    For EMM Managed BYOD or Corporate Owned Devices (below OS 9)

    1. Ensure PIN/Password Setup
    • If the device does not have a PIN or password set, certificates published from the dashboard will be visible in Certificate Manager but not installed.
    • Set up a PIN or password on the device first.

    For Devices with Legacy Management Mode

    1. Manual Installation
    • Navigate to Certificate Manager on the device.
    • Tap the Install button next to the desired certificate.
    • Tap OK (rename the certificate if necessary).
    • The certificate will be installed on the device.

    For AMAPI-based Android Devices

    • Install certificates through the Companion App associated with AMAPI-based Android devices.

    4. Unpublish Certificates

    1. Navigate to Certificate Management
    • Go to the Certificate Management section where your certificates are listed.
    Certificate Management for Android
    1. Select Unpublish Option
    • Click Unpublish under the Actions column next to the certificate you want to remove from device profiles/devices.
    Certificate Management for Android
    1. Choose Device Profiles/Devices to Unpublish From
    • A window will open, displaying a list of all device profiles and devices where the certificate is currently published.
    • Select the profiles and devices from which you want to remove the certificate.
    Certificate Management for Android
    1. Confirm Unpublish
    • Click UNPUBLISH to proceed. The certificate will be uninstalled from the selected device(s) or device profiles.

    This action effectively removes the certificate from the chosen device profiles/devices on the Scalefusion Dashboard.

    5. Delete Certificates

    Confirmation Dialog for Pushed Certificates

    1. Navigate to Certificate Management
    • Access the Certificate Management section on the Scalefusion Dashboard.
    Certificate Management for Android
    1. Initiate Deletion
    • Click Delete under the Actions column next to the certificate you wish to remove.
    Certificate Management for Android
    1. Confirmation Dialog (Pushed Certificates)
    • If the certificate is currently pushed to any device profiles or used in WiFi configurations, a confirmation dialog will appear:
      • “This Certificate is currently installed on the XX Device Profiles and used in XX Wifi Configurations. Are you sure you want to delete?”
    • Confirm your decision to delete the certificate.
    Certificate Management for Android

    Simple Confirmation Dialog (Non-Pushed Certificates)

    • A simpler confirmation dialog will appear if the certificate is not pushed to any device profiles or used in WiFi configurations.

    Mastering Android digital certificate management with Scalefusion UEM ensures secure authentication, encrypted communication, and compliance. By following these steps, IT teams can effectively manage and safeguard device identities, improving overall security and efficiency in the Android ecosystem.

    Contact our support team and schedule a demo. Try our 14-day free trial today!

    Suryanshi Pateriya
    Suryanshi Pateriya
    Suryanshi Pateriya is a content writer passionate about simplifying complex concepts into accessible insights. She enjoys writing on a variety of topics and can often be found reading short stories.

    Product Updates

    spot_img

    Latest Articles

    OAuth explained: definition, use cases and benefits

    Every time you click ‘Sign in with Google’ or ‘Connect with Microsoft’, you’re using OAuth. That’s OAuth at work. It verifies who you are...

    COPPA compliance: What it means and why it matters?

    Digital access is a right, and so is digital privacy. The UN Convention on the Rights of the Child now includes digital protections, recognizing...

    What is OpenID Connect (OIDC) and how does it work

    Passwords are messy. VPNs break. SAML is a headache. Still, stuck with clunky login flows or apps that don’t talk to each other? It’s...

    Latest From Author

    Best Microsoft Exchange alternatives for 2025: Power-packed picks for businesses

    Let’s face it, Microsoft Exchange might be the gold standard for business email and collaboration. But times change, tech evolves, and what once felt...

    How to screen share on Mac from another Mac: Personal vs business guide

    Screen sharing on a Mac is incredibly simple for personal use. Whether you're helping a friend troubleshoot or showing a colleague a quick demo,...

    How to block websites on macOS devices: A step-by-step guide

    Keeping users on track while using Macs isn't always easy. Between social media, gaming sites, and all kinds of distractions, unmanaged web access can...

    More from the blog

    Best Microsoft Exchange alternatives for 2025: Power-packed picks for businesses

    Let’s face it, Microsoft Exchange might be the gold standard for business email and collaboration. But times change, tech evolves, and what once felt...

    How to screen share on Mac from another Mac: Personal vs business guide

    Screen sharing on a Mac is incredibly simple for personal use. Whether you're helping a friend troubleshoot or showing a colleague a quick demo,...

    What is a custom OS? MDM for custom Android devices explained

    When businesses want their Android devices to perform in a very specific way, they often choose to install a custom OS. Whether it is...

    What is MSP pricing? A guide to pricing your MSP services effectively

    Pricing can make or break your MSP business, not because of the number, but because of how you arrive at it. It’s a decision...