Generate and upload a token to install Workspace ONE UEM manually on your server.

If your Workspace ONE UEM application server does not have outbound Internet access to the signing service, as defined under Network Requirements, then the Authentication Token field does not display on the Global Enterprise Manager. In this case, the manual flow installer is automatically launched. In case the installer is not automatically launched, you can manually run it by navigating to AirWatch\Supplemental Software\CertInstaller\ and running CertificateInstaller.exe. This EXE file opens a screen to guide you through the manual installation method.


  1. Select Next to continue and start the wizard.
  2. Select whether to use SQL Authentication or Windows Authentication. Select the same option that you chose during the main installation procedure. For SQL Authentication, the appropriate credentials are seeded in your config file. For Windows Authentication, you must enter the credentials of the Windows user to authenticate.
  3. Select the Get File button and generate a PLIST file that contains a batch of certificate signing requests. Save this file to a location that has outbound Internet access to the myAirWatch signing service.
  4. Log in to myAirWatch and navigate to Hamburger menu > myAirWatch >  My Company.
  5. Select Certificate Signing Portal.
  6. Select Authorize Install.
  7. Select Upload Your File.
  8. Using the link, upload a PLIST file from your computer and select the PLIST file you saved previously.
  9. Select Upload This File and save the file provided.
  10. In the installer, select Set File and select the file myAirWatch provided.


The Next button is enabled and you may proceed with installation. If you see the Installation Failed screen at any point during installation, select Back to try again, or contact Workspace ONE Support for assistance.