Credentials profiles deploy corporate certificates for user authentication to managed devices.

When deploying this profile for Smart Glasses configuration, there is a limit of two credentials supported.

Procedure

  1. Navigate to Resources > Profiles & Baselines > Profiles > Add > Add Profile > Android (Legacy).
  2. Configure the profile's General settings.
  3. Select the Credentials payload.
  4. Configure the Credentials settings, including:
    Settings Description
    Credential Source

    Upload a certificate from your local machine or define a Defined Certificate Authority, or upload a User Certificate.

    • If you choose to Upload a certificate, complete the following:
      • Credential Name – Enter the name of the credential or select on the information symbol to view acceptable lookup values like {EmailDomain} and {DeviceModel} to find the credential file to use.
      • CertificateUpload the new certificate or lookup values.
    • If you choose to use a Defined Certificate Authority, complete the following:
      • Certificate Authority for the Defined Certificate Authority – Select the external or internal CA issuing encryption keys for the PKI.
      • Certificate Template for the Defined Certificate Authority – Select the predefined template for the CA to use when requesting a certificate.
    • If you choose upload a User Certificate, select either S/MIME Certificate or S/MIME Encryption Certificate.
    • If you choose Derived Credentials, make sure to select the appropriate Key Usage which can be either Authentication, Signing, or Encryption.

  5. Navigate back to the previous payload for EAS, Wi-Fi, or VPN.
  6. Specify the Identity Certificate in the payload:
    Setting Description
    EAS Select the Identity Certificate under Login Information.
    WiFi Select a compatible Security Type (WEP Enterprise, WPA/WPA2 Enterprise or Any (Enterprise)) and select the Root Certificate under Authentication.
    VPN

    Select a compatible Connection Type (for example, CISCO AnyConnect, F5 SSL) and select the Identity Certificate.

  7. Select Save & Publish after configuring the remaining settings.