Forum Discussion
Intune Standalone Device-Based Certificate Issue
Hi,
Standalone Intune + SCEP (PKI, NDES) is definitely possible, running it on several tenants. Your wish for device certs are not available at the moment. This is very well known by the PG and there is also a Uservoice item for it. Go ahead an vote it up:
best,
Oliver
Like I said, we are already using Intune/SCEP for user certificates. I was hoping that I was just doing something wrong for device-based certificates. Thanks for the information. I've already upvoted the user voice request. BTW, the scenario you layout in the comments in uservoice is almost EXACTLY the issue we are having: we have AAD-bound windows devices that need a device certificate so that the machine can connect to our wireless network at the login screen and so that new users can log in for the first time.
Hi James,
just for info, device certificates have arrived in Intune.
see here: https://docs.microsoft.com/en-us/intune/whats-new#issue-scep-certificates-to-user-less-devices-
best,
Oliver
It seems that it works, but in my test environment I would like to use this device cert to connect to corp WiFi using WPA2-Enterprise profile created in Intune but failed. Somebody uses device based certs deployed by Intune to create corp WiFi network?
//AlexanderMy customer implemented it and is it using currently.
It's also a supported scenario:
https://docs.microsoft.com/en-us/intune/wi-fi-settings-windows#enterprise-profile
Only SCEP profiles are supported when using EAP, PKCS certificate profiles are not supported.
best,
Oliver
