11/11/2008

After you obtain the valid Mobile Device Manager (MDM) Gateway Server certificate, you must export the root certification authority certificate and any subordinate certification authority certificates. The following procedures assume that your root certification authority is offline and inaccessible from the company network. You perform the following procedures from a subordinate certification authority by using the Certification Authority snap-in, or from a desktop or server that has access to the Certification Authority console.

You must make sure that you follow these steps:

To export root certification authority certificate

  1. Open the Certification Authorityconsole from any domain-joined computer or server. This console must be attached to the certification authority, either root or subordinate, that you designated for MDM deployment.

  2. Right-click the name of the certification authority and then select Properties.

  3. In the CA certificatesdialog box, choose the Generaltab, and then select the certificate for the certification authority you want to access.

  4. Choose View Certificate.

  5. In the Certificatedialog box, choose the Certification Authoritytab. Select the name of the root certification authority and then choose View Certificate.

  6. In the Certificatedialog box, choose the Detailstab and then choose Copy to File.

  7. The Certificate Export Wizardappears. Choose Next.

  8. On the Export File Formatpage, select the DER encoded binary X.509(.CER)option.

  9. Choose Next.

  10. In the File to Exportbox, choose the path and name for the certificate, and then choose Next.

  11. Choose Finish. The .cer file will be created in the location that you specified in the previous step.

  12. A dialog box appears to inform you that the export was successful. Choose OKto finish.

To export subordinate certification authority certificates

  1. Open the Certification Authorityconsole from any domain-joined computer or server.

  2. Right-click the name of the certification authority and then select Properties.

  3. In the CA certificatesdialog box, choose the Generaltab, and then select the certificate for the certification authority you want to access.

  4. Choose View Certificate.

  5. In the Certificatedialog box, choose the Certification Authoritytab. Select the name of the subordinate certification authority and then choose View Certificate.

    Important:
    You must export all the subordinate certification authority certificates. In the Certificatedialog box, if the View Certificateoption for your subordinate certification authority is disabled, choose the Detailstab and then go to the next step.
  6. In the Certificatedialog box, choose the Detailstab and then choose Copy to File.

  7. The Certificate Export Wizardappears. Choose Next.

  8. On the Export File Formatpage, choose the DER encoded binary X.509(.CER)option.

  9. Choose Next.

  10. On the File to Exportpage, choose the path and name of the certificate, and then choose Next.

  11. Choose Finish. The .cer file will be created in the location that you specified in the previous step.

  12. A dialog box appears to inform you that the export was successful. Choose OKto finish.

  13. Repeat steps for every subordinate certification authority listed on the Certification Authority tab, step 5.