Skip to main content
日本語 简体中文 繁體中文

[Access Control] Create Tenant Certificate / Renew

Include

  • Admins who use Tenant Certificates in Access Control
  • Admins who need to reissue Tenant Certificates due to certificate expiration, etc.

Purpose

  • This article explains the procedure for admins to issue or renew Tenant Certificates.

Notes

  1. The content of this article is based on the product specifications as of November 2025 and is subject to change without notice.
  2. To actually view the screens or change settings, Access Control global admin privileges or certificate admin privileges are required.
    For instructions on how to access the Administration, please refer to the following article.
    [Access Control] How to log in to the Administration

Procedure

Create Tenant Certificate

  1. From the Access Control Administration, go to [Certificate] - [Tenant Certificates].

    スクリーンショット 2025-10-28 16.22.41.png

  2. Review the overview of the Tenant Certificate, the service terms, and notes. Check the checkbox and click "Create Tenant Certificate".

    注意事項.png

  3. On the certificate issuance screen, click [Issue New Certificate].

    スクリーンショット 2025-11-06 12.34.24.png

  4. On the certificate download screen, click [Download Certificate].

    スクリーンショット 2025-11-06 12.36.30.png

  5. On the certificate distribution screen, the password for certificate installation will be displayed. Make sure to note the value.
    After noting the value, check the checkbox and click [Done].
    * If you close the screen, you will not be able to retrieve the password, so be sure to obtain it.

    スクリーンショット 2025-11-06 12.37.32.png

  6. You will be redirected to the Tenant Certificates Administration.
    * If iOS devices are included in the distribution targets, please also download the intermediate certificate from [Other Certificates].
    For iOS, both the Tenant Certificate and the intermediate certificate must be distributed.

    スクリーンショット 2025-11-06 12.39.19.png

Required steps to use Tenant Certificates

  1. Use an endpoint management service such as MDM to distribute the Tenant Certificate to the target devices.
    * For iOS, both the Tenant Certificate and the intermediate certificate must be distributed.
    * For the procedure to distribute certificates using MDM or other services, please check with your service provider.
  2. In the Access Policy, add a condition to allow access using the Tenant Certificate.
    For details, please refer to the following article.
    [Access Control] How to write access conditions 

Renew Tenant Certificate

  1. From the Access Control Administration, go to [Certificate] - [Tenant Certificates].

    スクリーンショット 2025-10-28 16.22.41.png

  2. A list of currently valid certificates will be displayed. Click [Create New].

    スクリーンショット 2025-11-06 12.42.27.png

  3. Follow steps 3 and onward in the Create Tenant Certificate procedure to download the certificate.

    The following steps should only be performed if you need to revoke the old certificate.
    * Once you perform these steps, authentication with the old certificate will no longer be possible.
    It is recommended to revoke the old certificate only after the new certificate has been distributed.

  4. In the Tenant Certificates Administration, click [Revoke] for the old certificate.

    スクリーンショット 2025-11-06 12.43.42.png

  5. The Confirm revocation screen will be displayed. Review the content, check the box, and click [Revoke].

    スクリーンショット 2025-11-06 12.44.46.png