Event banner

Utilize, configure, and manage Cloud PKI like a pro

Event Ended
Tuesday, Mar 04, 2025, 09:30 AM PST
Online

Event details

Microsoft Cloud PKI in depth! Start with a tour of the significant improvements made to this Microsoft Intune Suite feature since its release in March 2024. We’ll then offer comprehensive guidance for several critical areas:

  • Proper deletion of a certificate authority: Learn the essential steps to correctly delete a certificate authority, ensuring a smooth and error-free process.
  • Microsoft NPS (RADIUS) configuration: Get expert advice on configuring Network Policy Server (NPS) when using Cloud PKI, including best practices and common pitfalls to avoid.
  • Upcoming leaf certificate reporting improvements: Discover the new enhancements in leaf certificate reporting that will soon be released and understand how they can benefit your organization.
  • SCEP certificate profile configuration: Gain insights into the common challenges and solutions when configuring a SCEP certificate profile so you can streamline your setup and avoid potential issues.

This session is designed for IT professionals and administrators who are looking to deepen their understanding of Cloud PKI and get up-to-date on the latest advancements. Don't miss this opportunity to enhance your skills and help ensure your organization's PKI infrastructure is optimized for success.


Speakers: Bill Calero, Jack Poehlman

 

 

This session is part of Microsoft Technical Takeoff: Windows and Intune.

Pearl-Angeles
Updated Mar 12, 2025
Technical Takeoff

39 Comments

Sort By
Comments have been turned off for this event
Show More
  • richardhicks's avatar
    richardhicks
    Copper Contributor
    Mar 04, 2025

    The issuing CA certificates for Intune Cloud PKI do not include CDP information. How is reovcation of an issuing CA checked without it?

    • Bill Calero's avatar
      Bill Calero
      Icon for Microsoft rankMicrosoft
      Mar 04, 2025

      Hey richardhicks ...  we do provide a CRL CDP for all CA's... are you referring to a different CDP .. can you clarify?

      • richardhicks's avatar
        richardhicks
        Copper Contributor
        Mar 04, 2025

        The issuing CA certificate for my cloud PKI instance does not have CDP information, which causes problems for NPS because it fails a revocation check. Certutil.exe -verify reports "Revocation check skipped - no revocation information available" when checking the issuing CA certificate.

  • Roger_Truss's avatar
    Roger_Truss
    Brass Contributor
    Mar 04, 2025

    Will there be a roadmap for Linux?  Even if it's a script, support for that Platform would be greatly appreciated due to Wi-Fi cisco requiremetns.

    • Bill Calero's avatar
      Bill Calero
      Icon for Microsoft rankMicrosoft
      Mar 04, 2025

      I'm a long time Linux supporter .. inside secret - I worked at SuSE linux for a few years :-) 
      Unfortunately, as you know we dont have linux SCEP cert profile support ATM.  I would love to get this addressed, but have no roadmap commitment to share.  

  • dmuscat's avatar
    dmuscat
    Occasional Reader
    Mar 04, 2025

    Can I use this solution to generate certs for SSO configs, websites, LDAPS, etc... for non intune solutions?

    • dmuscat's avatar
      dmuscat
      Occasional Reader
      Mar 04, 2025

      Ok I can see it was covered by BYOCA. Question now is that can I manage those CA's thru the Cloud PKI portal UI or do I still need to use traditional means for that mgmt?

       

    • Bill Calero's avatar
      Bill Calero
      Icon for Microsoft rankMicrosoft
      Mar 04, 2025

      Good question, C-PKI can issue a cert to any Intune enrolled and managed device - platforms supported: Windows, iOS, macOS, Android.  If the device is not enrolled in Intune we cannot issue a cert.  Note: an issued cert to any of these platforms can provide cert-based-auth to websites, apps and resource access endpoints like WiFi, VPN - providing an SSO experience.

      • ucbryanweaver's avatar
        ucbryanweaver
        Copper Contributor
        Mar 04, 2025

        Would I have to license Cloud PKI for everyone, or can I just do a subset?

    • Bill Calero's avatar
      Bill Calero
      Icon for Microsoft rankMicrosoft
      Mar 04, 2025

      Absolutely, C-PKI can issue a cert to a hybrid joined device that is managed by Intune.

       

  • Heather_Poulsen's avatar
    Heather_Poulsen
    Icon for Community Manager rankCommunity Manager
    Mar 04, 2025

    Welcome to “Utilize, configure, and manage Cloud PKI like a pro” at Microsoft Technical Takeoff. Q&A is open now and throughout the week. Please post any questions or feedback here in the Comments.

Date and Time
Mar 4, 20259:30 AM - 10:30 AM PST