You can configure your internal DNS to connect to Workspace ONE UEM through the proper records and certificates. Learn more about how to setup your internal DNS to communicate with Workspace ONE UEM.

An internally registered DNS record is for devices connecting over your organization's internal Wi-Fi network, and it tells them how to connect to Workspace ONE UEM (specifically, the Device Services server). An internal DNS record must be registered on the internal domain server.

In the standard, multi-server deployment, you must generate a self-signed certificate for your Console server (or you can use an internally issued certificate).

The externally available URL of the Workspace ONE UEM server must be set up with a trusted SSL certificate. A wildcard or individual website certificate is required.

  1. Open Server Manager and navigate to Roles >  Web Server (IIS).
  2. Click the Server Name.
  3. Select Server Certificates.

    Internet Information Services Manager with Server Certificates selected.

  4. Under Actions, select Create Self-Signed Certificate.

    Server Certificate Actions with Create Self-Signed Certificate selected.

  5. Enter the friendly name (FQDN) and select OK.

    Self-Signed Certificate where you enter a name for your certificate.

  6. Next you can add a 443 binding to the Default website in IIS. The bindings for a completed server look like the following. Your SSL certificate appears in the drop-down menu of available certificates.

    The Edit Site Binding screen where you select your certicate from the SSL Certificate list.

  7. Verify that you have a private key that corresponds to your certificate.

    The Edit Site Binding screen where you verify the port for your certificate. The General tab of the Certificate screen for private key verification.