When Fusing apps on Appdome with the MobileIron SDK you can enable them for Sentry Certificate Pinning.
You will always want to make sure that your client certificate is indeed trusted by your MobileIron Sentry before you Fuse your app with Sentry Certificate Pinning. This trust is required when apps access your intranet via the MobileIron Sentry tunnel.
Your MobileIron Sentry must be resolvable and accessible over the internet.
Steps to Take in MobileIron and MobileIron Sentry Environments
Step 1: Generate a client certificate using the same Certificate Authority (CA) trusted by your MobileIron Sentry. See below how to locate the trusted CA in your MobileIron Core:
Step 2: Export the client certificate as a P12/PFX file
Step 3: Import your P12/PFX file into your browser (PC/Mac)
Step 4: Navigate to your MobileIron Sentry URL over HTTPS (e.g. https://my.sentry.com)
Step 5: The browser will ask for a client certificate to be used to connect to the MobileIron Sentry, please select your imported client certificate from the list.
If the browser continues to the next step your client certificate is trusted by the MobileIron Sentry. Otherwise, it is not trusted.
- Optional test: You can openssl command line tool to verify the certificate:
openssl s_client -cert your_certificate.pem -key your_certificate_key.pem -connect your_sentry_url:443 -debug
Appdome Steps to Fuse Apps with Sentry Certificate Pinning
Step 1: Navigate in a browser to Appdome and login
Step 2: Upload your iOS (.ipa) Android (.apk) app binary
Step 3: Upload new app or choose an app from the Catalog and click Add to My Apps
Step 4: Select your app Fusion settings
Step 5: Go to Management -> select MobileIron AppConnect SDK under EMM Services
Step 6: Go to Appdome Mobility Suite and enable Sentry Certificate Pinning as seen below
Step 7: Add a private client certificate file for Sentry authentication.
Step 8: Choose the other options you would like to Fuse your app with then click Fuse My App
Step 9: Customize the App and change App Name
- After Fusing your App you will be taken to the Customize for your app
- Optionally you can edit the App Display Name, App Icon, App Favicon, Favicon File, and Favicon Position and Custom App Configuration Files
- Click Customize My App to integrate the app with the MaaS360 SDK and Appdome Advanced App Protection.
Step 10: Signing the Fused App
In order to deploy an app, it must be signed. You can sign from with the Appdome platform.
Explanations for how to sign an app using the Appdome platform are available in the following knowledge base articles.
- To sign iOS app and/or sign an Android app
To skip the signing process and perform singing on your own, click the Skip button to the left of the Sign button to proceed to the app download section.
Thanks for visiting the Appdome knowledge base! We hope Appdome is living up to our mission of simplifying your mobile integrations. If you don't already have an account, you can sign up for free. Happy Fusing!
Here is a link to another resource we wrote on Appdome for MobileIron that has more information.