Home
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
Managing System Settings
Managing Certificates
Manage and deploy digital certificates in SOTI MobiControl, including manual uploads and dynamic certificates issued via integrated certificate authorities.
Deploying Managed (Dynamic) Certificates
Use integrated Certificate Authority (CA) services in SOTI MobiControl to automatically deploy, renew, and manage dynamic certificates for secure device authentication.
Step Two: Create a Certificate Template
Define templates to issue dynamic certificates using your integrated certificate authority.

Welcome to SOTI MobiControl 2026.0 Help
SOTI MobiControl is an enterprise mobility management solution designed to help you efficiently manage your organization's devices. Use the SOTI MobiControl Help Center to explore its full range of features.
What's New in SOTI MobiControl
Setting Up SOTI MobiControl
This section provides instructions for installing, activating, and upgrading SOTI MobiControl instances.
Using the Console
This section provides information about using the SOTI MobiControl console to perform the various management tasks.
- About the SOTI MobiControl Console
- Using Stella
- Managing Users
- Managing Devices
- Managing Configurations
- Managing Applications
- Managing Data
- Managing Certificates
  Manage and deploy digital certificates in SOTI MobiControl, including manual uploads and dynamic certificates issued via integrated certificate authorities.
- Monitoring Devices
- Troubleshooting Device Issues
- Generating Reports
- Managing System Settings
  - Managing User Menu Options
  - Configure SOTI Search Settings
  - Configuring Global Proxy
  - System Logs
  - Managing Certificates
    Manage and deploy digital certificates in SOTI MobiControl, including manual uploads and dynamic certificates issued via integrated certificate authorities.
    - Using the Certificates Dashboard
      The Certificates Dashboard in SOTI MobiControl offers a centralized view and management of all deployed certificates. It features interactive charts, detailed tables for static and dynamic certificates, advanced filtering, and bulk actions like renewal and revocation all in one place.
    - Deploying Manually Uploaded Certificates
      Deploy externally sourced certificates to devices using the Certificates profile configuration in SOTI MobiControl.
    - Deploying Managed (Dynamic) Certificates
      Use integrated Certificate Authority (CA) services in SOTI MobiControl to automatically deploy, renew, and manage dynamic certificates for secure device authentication.
      - Step One: Integrate Certificate Authority Services
        Integrate third-party Certificate Authority services in SOTI MobiControl to enable automated certificate life-cycle management. Supported services include ACME, ADCS, EJBCA, Entrust, SCEP, and Sectigo.
      - Step Two: Create a Certificate Template
        Define templates to issue dynamic certificates using your integrated certificate authority.
        Certificate Templates' Details
        Configure certificate template details in SOTI MobiControl to define how dynamic certificates are issued, including subject names, key settings, usage, and renewal options.
      - Step Three: Deploy Dynamic Certificates
        Deploy dynamic certificates to devices using templates and the Certificates configuration in SOTI MobiControl.
    - Managing Certificates on a Device
    - Issuing Enrollment and User Certificates Using ADCS
  - Identity Management
  - Integrating with SOTI ONE Platform Applications
  - Managing Terms and Conditions
  - Deleting SOTI MobiControl Servers
  - Microsoft Exchange Server Configuration
  - Microsoft Integration | Conditional Access
  - Microsoft Integration | App Protection Policy
- Other Features
- SOTI MobiControl Console Reference
System Health
View vital system stats in a variety of interactive, up-to-date charts and tables.
SOTI MobiControl Administration
This section provides information about how to perform various administrative tasks related to SOTI MobiControl. These tasks include monitoring your SOTI MobiControl system, changing deployment settings, integrating SOTI MobiControl with third-party applications, and performing various modifications that extend SOTI MobiControl beyond its standard configuration.
Using Package Studio
This section provides information about how to use SOTI MobiControl Package Studio to create data packages for devices.
Using Script Commands
Send scripts and execute commands on your devices with SOTI MobiControl. Script commands are supported on the following platforms:
Using SOTI MobiControl Stage
This section provides information about how to use SOTI MobiControl Stage to quickly and easily enroll devices.
Cloud Link Agent
Glossary
Notices

Step Two: Create a Certificate Template

Define templates to issue dynamic certificates using your integrated certificate authority.

Before you begin

Perform Step One: Integrate Certificate Authority Services.

About this task

Create certificate templates in SOTI MobiControl using your integrated Certificate Authority to issue managed (dynamic) certificates. Templates define how certificates are generated and assigned to devices, with support for unique device-specific macros. For details, see Deploying Managed (Dynamic) Certificates.

Tip: You can also create templates during the Certificate Authority service integration.

Note: Certificate Authorities may reject identical subject names used for more than one device in the same group. Use unique macros in your certificate templates for each device to successfully add certificates.

The following macros are available for subject alternate names:

Enrollment User*
Enrollment User Email Address*
Device Name
Device MAC Address
Device Serial Number
Device Platform

Important: To use the Enrollment User or Enrollment User Email Address macros, you must enroll your devices with LDAP.

Procedure

From the SOTI MobiControl main menu, select Global Settings.
From the Global settings menu, select Services > Certificate Authority. The Certificate Authority page displays.
Select your integrated certificate authority connection.
In the Certificate Authority dialog box, select Add () to define template details.

Note: Required fields vary based on the chosen certificate authority type. See Certificate Templates' Details.
Once configured, select Save to complete template creation.

Results

You have successfully defined a certificate template.

Note: When testing the functionality of certificate templates, use the default template for simplicity. If you must use a custom template, do the following:

In Template properties, under Issuance Requirements, set Authorize Signatures to 1.
For Policy type required in signature, select Application Policy.
For Application Policy, select Certificate Request Agent.

What to do next

Use the created template to deploy dynamic certificates to your devices. See Step Three: Deploy Dynamic Certificates.