How to Enroll your Android Device on Avalanche On Premise

Version 15

    Verified Product Versions

    Avalanche 6.1Avalanche 6.0

    Environment:

    Avalanche 6.0 or 6.1 On-Premise

    Android 4.4.x device

     

    How To Enroll Your Android Device:

    1. Create a self-signed Certificate
    2. Configure your Tomcat to use HTTPS
    3. Configure the Avalanche Server
      • Move the ca.pem file to the wam folder
    4. Create enrollment rule
    5. Download the Avalanche App
    6. Connect to the Avalanche Server

     

    Create a Self-Signed Certificate

     

    Follow this article: Avalanche 6.X Smart Device Certificate Utility and create a self signed certificate

     

    NOTE: DO NOT PUT NUMBERS AT THE BEGINNING OF THE PASSWORD FOR THE SELF-SIGNED CERT. This will cause it to not work correctly.

     

    Once you have created the certificate, make sure to copy and paste you certificate [yourserver].p12 in the following places:

     

    1. The Wavelink Installation Directory C:\Program Files\Wavelink

    avalanche folder.PNG

     

    Configure the Avalanche Server

    • Connect to the Avalanche Web Console and navigate to the Tools > System Settings
    • Find the HTTPS Configuration
    • Add the [yourserver].p12 certificate
    • Enter the correct password for the certificate

    System settings.PNG

    Move the ca.pem file to the wam folder

    NOTE: When the device can't find the ca.pem file, it will then try and download the cert from the Smart Device Server over Port 8888 (non-secure port of the smart device server).

     

    1. Stop Wavelink Tomcat service
    2. Navigate to C:\Program Files\Wavelink\Avalanche\SmartDeviceServer\conf
      ca pem file.PNG
    3. Copy the ca.pem file
    4. Paste it to C:\Program Files\Wavelink\Avalanche\SmartDeviceServer\webapp\wam
      wam.PNG
    5. Rename the 'ca.pem' file to 'server.crt'
    6. Start the Wavelink Tomcat Service

     

    NOTE: If you are installing a self signed certificate then the Android OS will force you to add a passcode for security purposes. This is not related to Wavelink / LANDESK.

     

    Create the enrollment rule

     

     

    Connect to the avalanche Server

     

    Connect to the device with Remote Control

    • Open the enabler
    • Type the IP Address in the Remote Control Server Address

    ON DEVICE Android Enabler Screen RC.PNG

     

     

    [Optional] Configure Server to use HTTPS

     

    1. Navigate to [Avalanche installation directory]\Wavelink\Avalanche\apache-tomcat-7.0.35\conf and open the server.xml file with a text editor such as Notepad.
    2. Find the following line: <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
    3. Remove the comment markers <!-- and --> so that the section is not commented out.
    4. Replace the section to contain the following information:

      <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="C:/Program Files/Wavelink/certificate.p12" keystorePass="password" keystoreType="PKCS12" />
      Where the keystoreFile value is the path to the certificate and the keystorePass value is the password you entered when creating the certificate. In the path to the certificate, use forward slashes.
    5. Save your changes to the file.
    6. Restart the Tomcat service.

     

    Once you have generated a certificate, activated SSL for Tomcat, and restarted the Tomcat server, you can access the Web Console over an HTTPS connection.

    To access the Web Console over a secure connection, in the address field of your browser, type:

     

    https://[DNS name or IP address of Avalanche]:8443/AvalancheWeb