The Windows Auto-Discovery Service (WADS) requires because native enrollment for Windows devices does not connect to untrusted servers. Obtain a domain-specific or wildcard SSL certificate for enterpriseenrollment.{domain}.

You must obtain this certificate yourself. Consider purchasing a certificate that remains active for at least three (3) years to minimize time and resources required to perform the administrative tasks of renewing certificates.

To obtain an SSL certificate:

  1. Obtain a domain-specific or wildcard SSL certificate for enterpriseenrollment.{domain}.

    For instance, if you were to enter jdoe@acme.com as your email address, the certificate must be obtained for enterpriseenrollment.acme.com or *.acme.com. If you are using a sub domain, the certificate cannot be a wildcard certificate and must be domain-specific. For example, if you are entering jdoe@ga.acme.com as your email address the certificate must be obtained for enterpriseenrollment.ga.acme.com.

  2. Create a CNAME/ANAME record for enterpriseenrollment.{domain} to point to your WADS server.