Hi, you can use most Public Certificate Authorities with EMM. The main reason you need this is to facilitate the SSL connection between the devices and the Proxy/Portal servers. I would suggest Godaddy.com as those work really well and are realitvely inexpensive.
hoping you can provide some assistance here, I'm thoroughly confused regarding the portal certificate.
I have generated the CSR using the deployment helper and have received the SSL cert from Godaddy. The package from them contains "placeyourURLhere.crt" and "gd_iis_intermediates.p7b" files.
Now I'm trying to install these in the EMM installer program, but it wants .pfx or .p12 files.
It was suggested that I should install the certificates into the Windows certificate store and then export them, but that doesn't allow export into either .pfx or .p12 format.
I'm not sure if you solved your problem - it turned out that a solution was to install IIS7 separately, install the certificates in IIS7, and then install EMM.
I find this quite a pain in the butt, given that the EMM installer will install IIS for you, but then can't deal with the certificates provided by the CA.
What do I need to use as common name??? Does it need to be the company's FQDN on public DNS???? ie yourcompany.co.uk
cert must match the Public DNS name, is it the company DNS name? Do I need to register any other public DNS name?
Sorry for the noob questions
did this get answered for you? Quick answer, depending on what naming convention you use for your company, something like emm.yourcompany.co.uk works. As long as DNS from the Internet can find your EMM server you can call it what ever you like.
For anyone having trouble exporting a cert as a PFX, I've got 2 tips.
1) not only Complete certificate request, but ensure that all intermediate certs and CAs have been imported as well so that you have a complete certificate chain.
2) mcafee cannot necesarily help you export as a PFX but your certificate provider can. A call to mcafee may end up being hours of wasted time when a quick google or search of you providers site, or even a call to the provider will have an answer for you much faster. This is because each providers certs are slightly different.