Forum Discussion
Intune Standalone Device-Based Certificate Issue
Hi James,
just for info, device certificates have arrived in Intune.
see here: https://docs.microsoft.com/en-us/intune/whats-new#issue-scep-certificates-to-user-less-devices-
best,
Oliver
It seems that it works, but in my test environment I would like to use this device cert to connect to corp WiFi using WPA2-Enterprise profile created in Intune but failed. Somebody uses device based certs deployed by Intune to create corp WiFi network?
//Alexander
My customer implemented it and is it using currently.
It's also a supported scenario:
https://docs.microsoft.com/en-us/intune/wi-fi-settings-windows#enterprise-profile
Only SCEP profiles are supported when using EAP, PKCS certificate profiles are not supported.
best,
Oliver
my client is receiving device cert but could not connect to wifi, which I deploy to client using WiFi profile. It seems that WiFI profile + NPS is trying to use still user based cert.
It seems that I set everything correct
The only thing I don't understand this setting:
Server Trust
Certificate server names: Use with EAP-TLS, EAP-TTLS, or PEAP EAP types. Enter one or more common names used in the certificates issued by your trusted certificate authority (CA). If you enter this information, you can bypass the dynamic trust dialog shown on user devices when they connect to this Wi-Fi network.
What should I set here?
//Alexander
Just put in there your Certificate Authority common name like myca.mycompany.com. The setting defines the Server Trust so that the profile knows all certificates from this CA with the name specified can be trusted and therefore no additional popups are shown.
