I'm unable to deploy a PFX certificate after setting up the NDES connectors and the required certificate template it simply doesn't seem to be doing anything. I've matched the EKU of the certificate template in Intune as well as the CA name and validity period.
I've managed to deploy Root certificates fine but not PKCS certificates, I assume I need to deploy this to a user group as Intune supplies the relevant subject and SAN names?
So I fixed this now, it was the way I exported the root certificate I
think. So I just exported the certificate from the CA itself from the CA
application and uploaded that to Azure. I was getting quite a few errors
to do with an X509 certificate being null. So instead I ran certutil
-ca.cert certnew.cer and created a certificate file from that and
uploaded that into Azure. I then selected that on the PKCS config policy
for Android and now I can see the cert on my phone and the NDES
connector isn't throwing any errors.