Forum Discussion
Install client certificate via Android Management API Policies - OncCertificateProvider
Hello community,
I am trying to install a client certificate on fully managed Android devices. The devices have been enrolled via Android Management API. The docs show that there is a OncCertificateProvider policy, but it says it is "not generally available". What does that mean? Will it be available in the future? Where can I apply for using this policy?
The specific thing I want to achieve is configuring Cisco AnyConnect/SecureClient with cert authentication. The managed config of the Cisco app allows me to set a "KeyChain Certificate Alias", but I first need to get the cert into the Android KeyChain somehow.
I also tried to send the client cert via openNetworkConfiguration, but it does not appear in the key chain (in the settings app) of the device, although the policy is applied without any problems (as reported by Android Management API). I guess those certs here are only used for network config and not stored in the key chain for usage with e.g. VPN apps.
Thanks.
There is no way to currently install certificate using AMAPI, you have to develop your own solution to install certificate and use the AMAPI to give your app the certificate management delegated scope.
this is currently the only way to do it using AMAPI
You might be able to try this app: https://play.google.com/store/apps/details?id=com.nosari20.managedcertificateselection
Thanks for the info. It seems that the app you mentioned can only delegate certificates to certain apps as default selection but not create new certificates or deploy existing certs to the device. Probably, I need to write an own app for this.
