Product Documentation

Configuring an OpenTrust PKI Adapter for Device Manager

Dec 21, 2015

XenMobile OpenTrust Adapter was validated with OpenTrust PKI Version 4.7.1 (r131349).

The XenMobile OpenTrust Adapter is a web application running on Tomcat:

  • Windows 2008 R2
  • Java 1.6.0_29 or above, 32 bits version
  • Apache Tomcat 7.0.27
Note: You only need Tomcat core features, not the manager or the documentation, unless you need it. After installation, you can also delete the directory <tomcat_dir>/webapps/ROOT.
The XenMobile OpenTrust Adapter provides an interface that allows Device Manager to submit certificate requests for a signature to an OpenTrust Certificate Manager server. Device Manager submits a request to the OpenTrust adapter to sign a certificate. The OpenTrust Certificate Manager receives the request, signs the certificate and returns it to Device Manager. Device Manager makes these certificate requests in order to generate device identity for mobile device management mutual authentication, or user credential certificates to be used in conjunction with WiFi, VPN, and Exchange ActiveSync profiles for iOS devices. XenMobile recommends that the OpenTrust Adapter is installed on a separate server from the Device Manager host, using its own instance of Tomcat 7.0.

To install OpenTrust Adapter

  1. Copy the provided WAR file to the Tomcat webapps directory. You can change the WAR file name to fit the usage of this adapter instance (wifi_certificate, exchange_certificate, and so on).
  2. Start Tomcat. It will automatically expand and install the web application in its directory.
  3. To check that the adapter is properly running, connect to: http://<server_name>:<port>/<adapter_name/. An Available SOAP services page appears.