Forum Discussion

AshJor's avatar
AshJor
Copper Contributor
Oct 03, 2022

Intune PKCS renewal

Hi Everyone,

I have recently set up Intune to deploy certificates for Wireless authentication.
As part of this process

Install a certificate connector on a root ca
Create a user certificate template, which has 12 months' validity
In Intune create a few configuration policies,
3a. Wireless configuration which involves adding SSID and EAP type, in this case, EAP-TLS
3b. The root certificate
3c. PKCS certificate.
I have deployed the three configuration profiles and all devices are connecting to our Enterprise wireless using EAP-TLS ( which utilizes both the root and a client cert (PKCS)
Now my actual question is, after 12 months when the user PKCS certificate expires on a device how will the user/intune renew the certificate?

I am just very confused about what happens to devices that have this (PKCS) configuration policy deployed after the certificate expires.

Many Thanks in advance for any response

Regards
Paul

  • DBerry2's avatar
    DBerry2
    Copper Contributor
    Hello Paul,

    I haven't done a deployment using PKCS but have with SCEP and at least on the SCEP side you set a Renewal threshold % and the certificate will be renewed when it's life gets down to that Renewal threshold. I left it at 20%
    • AshJor's avatar
      AshJor
      Copper Contributor
      Thanks Dberry2, you have made me sleep well at night

Resources