Follow HOWTO110248 to transfer the three new certificate files to each Mobility front end (FE); renaming them as necessary to match the names below. If the SSL certificate provided by the certificate authority (CA) is in PFX (PKCS personal exchange) follow HOWTO106999 to extract the three required certificates.
Note: This is the PEM formatted public SSL certificate.
If the certificate is not already in PKCS format (from step 1 above) then run the following OpenSSL command, as root from the FE, to copy the sign.crt, sign.key and gd_bundle.crt files into a single PKCS file: openssl pkcs12 -export -out sign.pfx -inkey /usr/local/nukona/certs/configurator/sign.key -in /usr/local/nukona/certs/configurator/sign.crt -certfile /usr/local/nukona/certs/configurator/gd_bundle.crt
Transfer the sign.pfx file to the workstation following HOWTO110248.
Log into the tenant (https://<tenantFQDN>/admin/login) and navigate to Admin console > Settings > Certificate > Apple / iOS certificates
Scroll down to the bottom of the page, under MDM profile signing key, click Choose File, browse to the sign.pfx (or PKCS file provided by the CA) and click Open.