AirWatch Installation: Part 2 – SSL Certificate configuration for Device Services and console Server

Generating CSR for SSL Certificate.

Before generating the CSR for SSL certificate, make sure to add the IIS role on device services and console server.1.png

Select Server on the left and double click on “server certificate” under IIS1.png1.png

Click on “create certificate request” .1.png

Under common  name , use the exact domain name which you have bought form a public domain provider , this will be the public DNS name of your AirWatch Device services server.1

Select bit length of 2048.1

Now we have the CSR ready .

Processing Certificate Signing Request with Certificate Authority

I am using comodo SSL certificate for this installation. comodo SSL are trusted by both Apple and Android devices and certified by Airwatch as well .

The good part is you can register for a 90 days free trail license for testing before making a purchase.I have also bought public DNS for the AirWatch Device Services server from GoDaddy ( You need the domain before you can apply for the SSL certificate.1.png

Here is have used the CSR I have generated in previous step.1.png1.png

Enter the domain you have bought here to complete the wizard, SSL certificate will be issued against this domain.1



Once you complete the process, SSL certificate along with root and intermediate certificate will be emailed to you on successful domain validation.

Configuring SSL Certificate on Application server (Device Services Server):

First we will configure the root certificate:

Open the MMC console – File – Add/Remove sanp-in1.png

Use computer account.1

Click on certificate on left hand side and select add ..


Once this done, go to certificate – trusted root certificate – right click on trusted root certificate – select all task and import1.png1.png

Follow the wizard and import the root certificate .1.png1.png

Browse to the location of root certifcate , select and open1.png1.png111

Similarly import the intermidiate certificate  by right clicking on intermidiate certificate folder .follow the the above process , once the import is done close the MMC console.

Now we will install the SSL certificate for our domain.1.png1.png1.png1.png1.png

Once certificate request is completed, you can see your SSL certificate is visible under server certificates as highlighted above.

Next step is to perform https binding for default website.1.png

Under sites, select “Default website” – click on binding on right hand side.1

Click add, change the type to https. Mentioned the FQDN of host and select your SSL certificate.1.png11.png

For testing, write the FQDN of your device services server with HTTPS and you should be able to see the green secure lock. Refer to the above screenshot.


In the Next part, I will cover the application server configuration.

2 thoughts on “AirWatch Installation: Part 2 – SSL Certificate configuration for Device Services and console Server

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s