The final step to making Workspace ONE and mobile SSO functional in your deployment involves configuring authentication methods in the VMware Identity Manager Console. Configuring these authentication methods allows VMware Identity Manager to recognize and trust your third party certificate.

Take the following steps.

  1. Open the VMware Identity Manager Console and navigate to the Manage screen for Authentication Methods.
  2. You are presented with a list of all existing authentication methods for built-in identity providers. Depending upon how many platforms your deployment supports, you may have up to three different methods to configure, one for each device platform. These methods are named in the following manner.

    • "Mobile SSO (for iOS)"
    • "Mobile SSO (for Android)"
    • "Certificate (Cloud Deployment)" This method is for Windows
  3. Select the configure icon for each applicable platform listed above. A new AuthAdapter screen appears.
  4. Ensure the Enable Certificate Adapter check box is selected, which appears at the top of each AuthAdapter screen. For iOS, this field is labeled Enable KDC Authentication.
  5. Next to the Root and Intermediate CA Certificates setting, select the Select File button. Then select the PEM certificate file you received from the third party CA.
  6. Optionally, you can enable OCSP and CRL, where applicable, to enable active certificate validation. For more information, see Certificate Revocation List versus Online Certificate Status Protocol.
  7. Select Save.
  8. Repeat steps 2 through 7 for each platform your deployment supports.