Young man using laptop at home
Workspace ONE Unified Endpoint Management Featured

Enhance Chrome Management with the Workspace ONE UEM Extension


Starting in 2017, VMware and Google have partnered to offer an integrated management solution for Chrome OS with VMware Workspace ONE UEM. Today, organizations are facing the challenges of enabling distributed employees and rethinking mobility strategies. As a result, we are seeing increasing demand for Chrome OS devices in the enterprise as part of remote workforce solutions, for good reason. On its own, Chrome OS sets the benchmark for security, speed, simplicity, portability and affordability in mobile computing devices. Automatic updates, cloud-based architecture and flexible app support make Chrome OS the ultimate machine for both thin-client and high-performance use cases alike.  The modern management model of Chrome OS is also cloud-based, where devices are managed directly through Google, without needing a client, agent, or Intelligent Hub to be installed on the device.  Because of this cloud-based architecture, Workspace ONE UEM can support new capabilities with ease, and deliver valuable new configurations in almost every UEM Console release.  Also, with VMware’s close partnership with Google, we work together to deliver the most critical capabilities that our customers need to keep their businesses running smoothly.

While this management model provides native, streamlined enrollment and management for Chrome OS, we worked closely with customers to identify ways to enhance the offering around certificate management and device visibility.  With this direction in mind, VMware and Google have partnered on a new solution to deliver a broader, more sophisticated management stack as seen on other platforms.

Workspace ONE UEM Extension

VMware is pleased to offer the Workspace ONE UEM Extension for Chrome OS. Coupled with the Workspace ONE UEM console, administrators can fully manage directory user and device-based Microsoft ADCS certificates. With the best-in-class CA integration and certificate lifecycle management, administrators can manage the renewal period as well as revocation of the certificates. Because the deployment of the Extension, configuration and installation of certificates is completely silent, there is no additional action for the admin or the end user to take advantage of this new solution.


The UEM Extension adds unique value to the Chrome Enterprise with Workspace ONE UEM offering with the following benefits:

  • Full certificate lifecycle management (revocation & renewal).
  • The certificates will be exchanged between the Extension, the Console and the CA. This means certificates are no longer stored outside of the organization.
  • Certificate private key and request generation is handled client-side, which enhances security and reduces server load.
  • Certificates are hardware backed with Trusted Platform Module (TPM).
  • Silent installation of UEM Extension and certificates means no user interaction is required.
  • Both device- and user-based certificates are supported.
  • Certificates can be used for Wifi, VPN, web authentication and more.
  • Certificate details per device are viewable in the console.
  • Direct communication with console, which enables a faster device sync after enrollment.
  • The Enrollment User will now display the current logged in user, rather than the admin who enrolled the device.


To learn more about Chrome Enterprise and how it can modernize your workforce, please visit

To learn more about management of Chrome OS devices, please visit