pdf icon
Category Filter


Certificate policy lets you deploy server CA certificates to secure and configure features such as Wi-Fi, E-mail, etc., on the managed devices. This policy is used to deploy certificates to windows devices, ideally to secure and validate network communications from the device to any internal/external website. By pushing certificates to device, you can secure access to networks/servers, secure e-mail communication, etc., For example, you can deploy CA certificates to the managed devices, if your organization uses S/MIME to connect to a network/server. The certificates pushed to the device ensures the devices trust the enterprise CA. The supported certificate formats are .cer, .crt, .pem, and .der

Note: For scalable and simplified distribution of certificates in large organizations, you can configure Simple Certificate Enrollment Protocol (SCEP)

Profile Description

Profile Specification Description
Certificate File The file to be pushed to the managed devices.
  1. The certificates are added only if the certificate files are not corrupt.
  2. On certificate expiry, upload the renewed certificate as a new certificate in the profile and then push it to the managed devices.
Jump To