MicroStrategy ONE

Adding Your Enterprise CA as a Trusted Certificate Authority

If you used an enterprise CA on your network, or if you created a CA for demos, as described in Self-Signed Certificates: Creating a Certificate Authority for Development, the CA's root certificate must be installed as a trusted root certificate authority in the following locations:

  • The servers where Web, Mobile Server, or Web Services are installed, as applicable.
  • Mobile devices, such as iPhone, iPad, or Android phones and tablets.

For Android devices, you must add the certificate as a trusted certificate while creating a configuration for your devices in Mobile Administrator.

You must have access to a copy of your enterprise CA's root certificate to perform this procedure.

If your enterprise CA uses Microsoft Certificate Services, open the following URL in a browser window: http://hostname/CertSrv, where hostname is the computer on which Certificate Services is installed, click Download a CA certificate, certificate chain, or CRL, and under Encoding method, select Base 64. Click Download CA certificate and save it to the computer.

If your enterprise CA uses OpenSSL, contact your administrator for a copy of the certificate.

To Add Your Enterprise CA as a Trusted Certificate Authority for Web, Mobile Server, or Web Services

  1. On the machine where Web, Mobile Server, or Web Services is installed, go to Start > Run, type mmc, and press Enter.
  2. Go to File > Console > Add/Remove Snap-in.
  3. Click Add to open the Add Standalone Snap-in dialog box, click Certificates, and then click Add.
  4. Select Computer Account and click Next.
  5. Click Local Computer and then click Finish.
  6. Click OK.
  7. On the left, expand the Certificates snap-in, then expand Trusted Root Certificate Authorities.
  8. Click Action > All Tasks > Import.
  9. Click Browse, and select the certificate you downloaded from your CA.
  10. Click Next.
  11. Select Place all certificates in the following store.
  12. Click Browse, and select the Trusted Root Certification Authorities folder.
  13. Click Next and then Finish.

To Add Your Enterprise CA as a Trusted Certificate Authority for iOS Devices

  1. To distribute your enterprise CA's root certificate to users, do one of the following:
    • Send the certificate as an email attachment to all iOS users.
    • On a server on your network, create a basic web page that allows users to download the certificate, and email the URL of the web page to your users.
  2. The following steps must be performed for every iOS device in your organization.
  3. On an iPhone or iPad, open the email or URL that contains the link to the certificate.
  4. Tap the link to download the certificate.
  5. In the Install Profile dialog, tap Install.
  6. Click Install.

If the device is protected with a passcode, you must type the passcode to install the certificate.