« Back to myAirWatch

Generate the Advanced Remote Management Certificates

As part of deploying the Advanced Remote Management (ARM) server, generate the root and intermediate certificates used during installation.

  1. Download the installer package, titledVMware AirWatch Remote Management Installer, from MyAirWatch.
  2. Run the Remote Management Certificate Generator which is included in the installer package.

    • This tool must be run on a machine with the same locale settings as the database server to ensure the same date format is set in the SQL script.
    • You must run this certificate generator as an Administrator.
    • Be certain to use the correct version of the tool according to the version of AirWatch you are using.

      AirWatch Version Certificate Generator Tool Version
      Pre 9.2 RemoteManagementCertificateGenerator_Before_9_2
      9.2 and after RemoteManagementCertificateGenerator_9_2
  3. In the AirWatch Console, switch to your primary organization group and navigate to Groups & Settings > All Settings > System > Advanced > Site URLs, scroll down to the External Remote Management section and copy the string in the Remote Management CN field.

  4. Set the following values.

    Setting Value
    Certificate Type Remote Management.
    Deployment On-premises.
    Certificate Common Name Paste the Certificate Common Name copied from step 3 above.
  5. Select Generate Certificates.
  6. Navigate to the folder on your device holding the Remote Management Certificate Generator. Find the generated certificates file in the Artifacts\private folder called root_intermediate_chain.p7b. Copy this file to the c:\temp\certs folder on the Remote Management Server. This is the T10 Certificate which is needed later.

    The T10 interface certificate contains two major certificates that enable AirWatch to communicate with the T10 portal. These major certificates are the Root certificate and the AirWatch portal intermediate certificate in a p7b file.

  7. In the Artifacts folder, find the "Certificate Seed Script.sql". Run this script against the AirWatch Database to seed the generated certificates into the AirWatch database.

  8. Install the certificates onto the Remote Management server into the appropriate certificate stores.

    1. Add the file named "root_cert.cer" to the Root cert store.
    2. Add the file named "intermediate_cert.cer" to the Intermediate cert store.