(3) Passwordless with Workspace ONE - Certificate prompt certificate



Step 1. Federate Office 365 to Workspace ONE

https://blog.simonelberts.nl/2022/01/federate-office-365-domain-to-third.html


Step 3. Certificate Authentication

https://blog.simonelberts.nl/2022/06/passwordless-sso-with-workspace-one.html





Certificate prompt




Auto-selection of certificate

To remove the certificate popup in the browser, there are different options to consider. This depends on the settings per browser and can be either ADMX, profiles etc.


I have below 2 examples i used for suppressing the popup in my *.vidmpreview.com tenant.

Be aware of the URL and the OG that needs to be changed and corresponds to your OG and Workspace ONE Access tenant:


URL = For SaaS the URL is that of the Certificate Auth cert (cas.*) for a tenant of *.vidmpreview.com it's similar as the one in the example below for a tenant in *.vmwareidentity.eu it's cas.vmwareidentity.eu.


If you are not sure, check the URL of in your browser bar when the cert popup is showing. (see above screenshot)


ogname = group ID where your device is enrolled in UEM





Edge


<wap-provisioningdoc id="1911c8f2-5d21-4726-9b1c-1d1cd9a6d6ec" name="customprofile">/

    <characteristic type="com.airwatch.winrt.registryoperation" uuid="278cf781-4f80-4b99-87d2-b59e50af5cb4">

        <parm RegistryPath="HKLM\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" Action="Replace">

            <Value Name="1" Data="{&quot;pattern&quot;:&quot;https://cas.vidmpreview.com&quot;,&quot;filter&quot;:{&quot;ISSUER&quot;:{&quot;CN&quot;:&quot;ogname&quot;},&quot;SUBJECT&quot;:{&quot;CN&quot;:&quot;&quot;}}}" Type="String" />

        </parm>

    </characteristic>

</wap-provisioningdoc>


Chrome


<wap-provisioningdoc id="1911c8f2-5d21-4726-9b1c-1d1cd9a6d6ec" name="customprofile">/

    <characteristic type="com.airwatch.winrt.registryoperation" uuid="278cf781-4f80-4b99-87d2-b59e50af5cb4">

        <parm RegistryPath="HKLM\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls" Action="Replace">

            <Value Name="1" Data="{&quot;pattern&quot;:&quot;https://cas.vidmpreview.com&quot;,&quot;filter&quot;:{&quot;ISSUER&quot;:{&quot;CN&quot;:&quot;ogname&quot;},&quot;SUBJECT&quot;:{&quot;CN&quot;:&quot;&quot;}}}" Type="String" />

        </parm>

    </characteristic>

</wap-provisioningdoc>


Comments