(3) Passwordless with Workspace ONE - Certificate prompt certificate

on



Step 1. Federate Office 365 to Workspace ONE

https://blog.simonelberts.nl/2022/01/federate-office-365-domain-to-third.html


Step 3. Certificate Authentication

https://blog.simonelberts.nl/2022/06/passwordless-sso-with-workspace-one.html





Certificate prompt




Auto-selection of certificate

To remove the certificate popup in the browser, there are different options to consider. This depends on the settings per browser and can be either ADMX, profiles etc.


I have below 2 examples i used for suppressing the popup in my *.vidmpreview.com tenant.

Be aware of the URL and the OG that needs to be changed and corresponds to your OG and Workspace ONE Access tenant:


URL = For SaaS the URL is that of the Certificate Auth cert (cas.*) for a tenant of *.vidmpreview.com it's similar as the one in the example below for a tenant in *.vmwareidentity.eu it's cas.vmwareidentity.eu.


If you are not sure, check the URL of in your browser bar when the cert popup is showing. (see above screenshot)


ogname = group ID where your device is enrolled in UEM


note: if you have changed the group ID, this won't change. Look for the issuer in the certificate. In my case it still remained 'simonelberts' after i changed the Group ID.







Edge


<wap-provisioningdoc id="1911c8f2-5d21-4726-9b1c-1d1cd9a6d6ec" name="customprofile">/

    <characteristic type="com.airwatch.winrt.registryoperation" uuid="278cf781-4f80-4b99-87d2-b59e50af5cb4">

        <parm RegistryPath="HKLM\SOFTWARE\Policies\Microsoft\Edge\AutoSelectCertificateForUrls" Action="Replace">

            <Value Name="1" Data="{&quot;pattern&quot;:&quot;https://cas.vidmpreview.com&quot;,&quot;filter&quot;:{&quot;ISSUER&quot;:{&quot;CN&quot;:&quot;ogname&quot;},&quot;SUBJECT&quot;:{&quot;CN&quot;:&quot;&quot;}}}" Type="String" />

        </parm>

    </characteristic>

</wap-provisioningdoc>


Chrome


<wap-provisioningdoc id="1911c8f2-5d21-4726-9b1c-1d1cd9a6d6ec" name="customprofile">/

    <characteristic type="com.airwatch.winrt.registryoperation" uuid="278cf781-4f80-4b99-87d2-b59e50af5cb4">

        <parm RegistryPath="HKLM\SOFTWARE\Policies\Google\Chrome\AutoSelectCertificateForUrls" Action="Replace">

            <Value Name="1" Data="{&quot;pattern&quot;:&quot;https://cas.vidmpreview.com&quot;,&quot;filter&quot;:{&quot;ISSUER&quot;:{&quot;CN&quot;:&quot;ogname&quot;},&quot;SUBJECT&quot;:{&quot;CN&quot;:&quot;&quot;}}}" Type="String" />

        </parm>

    </characteristic>

</wap-provisioningdoc>

Comments

  1. AnonymousNovember 16, 2022 at 2:24 PM

    The finest bonuses list discovered at the top of this page, presents a variety of|quite so much of|a wide selection of} sorts. You’ll 토토사이트 find a mixture of first deposit, multi-deposit no deposit, free spin and cashback presents. For an entire overview of all welcome presents from reliable sites look down beneath.

    ReplyDelete

Post a Comment