With Workspace ONE PIV-D Manager for Android with XTec, users can manually import additional certificates from any browser. This feature allows the use of multiple certificates for different scenarios.

For details about adding key value pairs (KVPs) to Workspace ONE PIV-D Manager, access Send Derived Credentials from the Console to Android Devices.

Prerequisites

Use Workspace ONE PIV-D Manager for Android v1.5 or later.

Procedure

  1. Admins add the KVP EnableManualCertificateImport to the Workspace ONE PIV-D Manager app as true in the Workspace ONE UEM console.
  2. On devices, users open a browser, navigate to the applicable certificate, and download it.
  3. On devices, users share the certificate with Workspace ONE PIV-D Manager.
  4. Users follow the Workspace ONE PIV-D Manager app prompts to import the certificate.
    Some certificates have passwords so Workspace ONE PIV-D Manager prompts for this value to decrypt the certificate.
    • If Workspace ONE PIV-D Manager does not have an activated credential, then it imports one from XTec. Users set a PIN to use the credential.
    • If Workspace ONE PIV-D Manager has an activated credential, then it adds the new credentials to existing credentials. The system maintains the best, supported credential for each type, Authentication, Signing, and Encryption.
    • If Workspace ONE PIV-D Manager has an activated credential that is not from XTec, then the certificate import fails.