The Secure Channel Certificate settings page lets you configure options related to the certificate of the same name.

For on-premises customers, the Secure Channel Certificate establishes a trust between Workspace ONE UEM and any components (e.g. VMware Enterprise Systems Connector, AWCM) that are installed on premises. VMware Enterprise Systems Connector automatically packages this certificate in its installer, but for AWCM you will need to download it from here.

For SaaS customers, the Secure Channel Certificate is configured by Workspace ONE UEM, so you do not need to install it from this page. You can configure the settings for blocking non-secure channel device access.

  • Current Setting – Select whether to Inherit or Override the displayed settings. Inherit means use the settings of the current organization group's parent OG, while Override enables the settings for editing so you can modify the current OG's settings directly.

Block Non-Secure Channel Device Access

Select a check box next to each of the platforms with which you want to enforce communication with the Workspace ONE UEM console over a secure channel.

AirWatch Cloud Messaging

Download AWCM Secure Channel Certificate Installer – Downloads an .exe file that you can run on your AWCM server. For more information, see Introduction to AWCM.

Download CNS Secure Channel Certificate Installer – Downloads a .tar file that you can run on your Cloud Notification Service server. The Secure Channel Installer for Linux is only used for the Cloud Notification Service. AWCM is only supported on Windows servers.

  • Child Permission – Select the available behavior of child organization groups that exist below the currently selected organization group. Inherit only means child OGs are only allowed to inherit these settings. Override only means they override the settings, and Inherit or Override means you can choose to inherit or override settings in child OGs that exist below the currently selected OG.