Menu

Certificate Management

Overview

Mobile devices use cryptographic keys and digital certificates for authentication, encryption, and as a Root of Trust for other security protections. Correct use of these keys and their certificates have such an impact on overall device security and business use cases that Samsung has a family of products dedicated to every aspect of their use and protection.

The Knox Platform supports a multitude of cases that matter to enterprises, with many features not supported anywhere else. Key features are:

These powerful products, combined with Knox Platform security and control, provide IT admins and developers with the tools needed to:

  • Enroll certificates with built-in support for the most secure protocols.
  • Isolate cryptographic material from the device OS and lock down device tampering.
  • Provision biometric and multi-factor authentication protection of the certificate/key.
  • Provide a universal framework for interfacing third-party secure storage providers with app developers.
  • Support external military Common Access Card (CAC) readers.
  • Support derived credential solutions enabling the use of Samsung Knox devices as a virtual CAC card.

Once you have your certificates set up, you can control features in your MDM with Knox. In this screenshot below, we are creating a certificate with Knox Manage.

  • CA Certificate – Saves a Root Certificate in the Samsung mobile menu Certificate> External Certificate.
  • User Certificate – Save a User Certificate in the Samsung mobile menu Certificate> External Certificate.

For added security, we prevent users from deleting certificates and enable certificate verification during install. This ensures certificates can not be deleted and prevents malicious certificates from being installed on the device.