Using the Update Device Certificate action

Administrators can update a single certificate or multiple certificates on devices that are enrolled in the IBM® MaaS360® Portal that use the MDM policy and the Persona policy.

About the Update Device Certificate action

For the 10.68 platform release, MaaS360 now allows administrators to update individual certificates on a device. In previous releases of MaaS360, the Certificate Authority (CA) server became overloaded when MaaS360 regenerated certificates for all certificate templates that are published to the device. In this release, if a device that is assigned an MDM and a Persona policy uses multiple certificates, the administrator can now generate a single new certificate instead of regenerating all certificates for the device.

For example, if a user requires a new wifi certificate, the administrator can go to the Device view, scroll through the list of available certificates, and then select the certificate to republish on the device.

The Update Device Certificate enhancement is based on the certificate templates that are defined in MaaS360 (Cloud Extender®) and not by the resource (VPN, wifi, email). As part of the update action, the administrator can choose one or more certificate templates. If the administrator uses the same certificate template across multiple certificates (VPN, wifi, email), the Update Device Certificate action updates certificates for VPN, wifi, and email.

Supported agents

For the 10.68 platform release, the Update Device Certificate action applies only to iOS 3.7 and Android 6.20.

User interface enhancements in the IBM MaaS360 Portal

The Update Device Certificate action affects the following sections in the IBM MaaS360 Portal:
  • Device View
    1. From Devices, select the device that you want to update the certificate for, and then click View.
      Update Device Certificate action-Device View
    2. Go to More > Update Device Cert. The Update Device Certificate window is displayed.
    3. Enable the Generate a new Device Certificate from Certificate Authority setting, select the certificate that you want to regenerate, and then click Continue.
  • Device Inventory
    1. Go to Devices > Inventory, and then select a device. The menu bar displays the number of devices that are selected.
      Update Device Certificate action-Device Inventory
    2. Click Update Certificate. The Update Certificates window is displayed.
      Update Device Certificate action-enable certificate window
    3. Enable the Generate a new certificate for the device(s) from certificate authority setting, select the certificate that you want to regenerate, and then click Continue.
  • Device Groups
    1. Go to Devices > Groups, and then select a device.
    2. Click More > Update Certificate.
      Update Device Certificate action-Device Groups
    3. Enable the Generate a new certificate for the device(s) from certificate authority setting, select the certificate that you want to regenerate, and then click Submit.
  • Device History
    1. From Devices, select a device.
    2. Click Summary > History. The Update Device Certificate action history is displayed.
      Update Device Certificate-Device History