Skip to main content
Skip table of contents

VMware Workspace ONE UEM powered by AirWatch

The product previously known as AirWatch is a device management solution by VMware, now rebranded as Workspace ONE Unified Endpoint Management (UEM).

Workspace ONE UEM is flexible with PKI integrations and is able to request certificates from either internal or external certificate authorities (CAs). 

Workspace ONE UEM has a native, well-documented integration with EJBCA. For more information on how to configure the integration with EJBCA, refer to the VMware Workspace ONE UEM guide Certificate Authority Integrations.

Workspace ONE UEM and EJBCA scenario overview by VMware, Inc

Workspace ONE UEM and EJBCA scenario overview by VMware, Inc

Workspace ONE UEM and EJBCA Integration Notes

The following notes provide additional insights for configuring the integration with EJBCA, complementing the official documentation.

  • EJBCA API URL: The URL configured in Workspace ONE is the URL to the EJBCA WS API endpoint, formatted as https://my-pki-server/ejbca/ejbcaws/ejbcaws.
  • RA User Certificate: The RA user certificate used in the integration should be in .pfx format and must be imported into the local machine certificate store on the AirWatch Cloud Connector.
  • Access Rights: Ensure that the RA user certificate imported on the AirWatch Cloud Connector has the appropriate access rights in EJBCA Roles and Access Rules.
  • TLS Authentication: EJBCA must be able to use the TLS connection client certificate authentication. If a load balancer is in place, configure it so that the TLS authentication is visible to EJBCA. For simplicity, you may verify that it works by terminating TLS in EJBCA and then exploring the different load balancer configurations. Alternatively, you can use a distributed RA to isolate the CA.
  • CA Name Format: Avoid using spaces in EJBCA CA names, which may lead to a "CA not found" error in Workspace ONE. The CA name is an arbitrary identifier in EJBCA and can be customized as needed.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.