Prerequisites for Using Mobile App Certificates

• Enrollment of mobile app certificates in the User Portal must be enabled; for details, see Setting Parameters for Devices.

• A Repository must be configured with a CA of the “Microsoft Certificate Authority” or “Entrust Certificate Authority” type; for details, see Configuring Repositories.

• A mobile app certificate device policy must be assigned to the corresponding user group; for details, see Creating a Device Policy, Configuring Applicationsand Configuring Group Assignments.

• The Mobile Portal must be configured; for details, see Procedures for Configuring the Mobile Portal.

• The user must install the root certificates on his/her mobile device and ensure that they are properly trusted, see Procedures for Configuring the Mobile Portal.

• The user must have a PIV Personal Identity Verification (technical standard of "HSPD-12"), PIV-I Personal Identity Verification - Interoperable or CIV Commercial Identity Verification smart card and use it to access the User Portal. Internally, this means that a FIPS-196 authentication is performed.

For details about issuing credentials (mobile app certificates) for mobile devices on the User Portal, refer to the HID ActivID Credential Management System User Portal User Guide.