Avalanche 6.0 or 6.1 On-Premise
Android 4.4.x device
How To Enroll Your Android Device:
- Create a self-signed Certificate
- Configure your Tomcat to use HTTPS
- Configure the Avalanche Server
- Move the ca.pem file to the wam folder
- Create enrollment rule
- Download the Avalanche App
- Connect to the Avalanche Server
Create a Self-Signed Certificate
Follow this article: Avalanche 6.X Smart Device Certificate Utility and create a self signed certificate
NOTE: DO NOT PUT NUMBERS AT THE BEGINNING OF THE PASSWORD FOR THE SELF-SIGNED CERT. This will cause it to not work correctly.
Once you have created the certificate, make sure to copy and paste you certificate [yourserver].p12 in the following places:
1. The Wavelink Installation Directory C:\Program Files\Wavelink
Configure the Avalanche Server
- Connect to the Avalanche Web Console and navigate to the Tools > System Settings
- Find the HTTPS Configuration
- Add the [yourserver].p12 certificate
- Enter the correct password for the certificate
Move the ca.pem file to the wam folder
NOTE: When the device can't find the ca.pem file, it will then try and download the cert from the Smart Device Server over Port 8888 (non-secure port of the smart device server).
- Stop Wavelink Tomcat service
- Navigate to C:\Program Files\Wavelink\Avalanche\SmartDeviceServer\conf
- Copy the ca.pem file
- Paste it to C:\Program Files\Wavelink\Avalanche\SmartDeviceServer\webapp\wam
- Rename the 'ca.pem' file to 'server.crt'
- Start the Wavelink Tomcat Service
NOTE: If you are installing a self signed certificate then the Android OS will force you to add a passcode for security purposes. This is not related to Wavelink / LANDESK.
Create the enrollment rule
- Creating the enrollment rule for Smart Devices:
Connect to the avalanche Server
Connect to the device with Remote Control
- Open the enabler
- Type the IP Address in the Remote Control Server Address
[Optional] Configure Server to use HTTPS
- Navigate to [Avalanche installation directory]\Wavelink\Avalanche\apache-tomcat-7.0.35\conf and open the server.xml file with a text editor such as Notepad.
- Find the following line: <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
- Remove the comment markers <!-- and --> so that the section is not commented out.
- Replace the section to contain the following information:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:/Program Files/Wavelink/certificate.p12" keystorePass="password" keystoreType="PKCS12" />
Where the keystoreFile value is the path to the certificate and the keystorePass value is the password you entered when creating the certificate. In the path to the certificate, use forward slashes.
- Save your changes to the file.
- Restart the Tomcat service.
Once you have generated a certificate, activated SSL for Tomcat, and restarted the Tomcat server, you can access the Web Console over an HTTPS connection.
To access the Web Console over a secure connection, in the address field of your browser, type:
https://[DNS name or IP address of Avalanche]:8443/AvalancheWeb