cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

iOS: SCEP Enrollment - Certificate Renewal

DjeeeD
Copper Contributor

‎Mar 02 2022 11:37 PM

‎Mar 02 2022 11:37 PM

iOS: SCEP Enrollment - Certificate Renewal

Dear Community,

We successfully created a SCEP Policy to push certificates to our iOS devices.

It uses a OnPremise NDES Server and Microsoft PKI (via Azure Application Proxy).

 

Certificates have a lifetime of 1 year.

Does anyone know, if Intune automatically starts a renew process before expiration date?

 

I received information from one consultant that they are not automatically renewed. But this would mean I have to manually monitor each expiration date and trigger somehow the renewal.

 

Can't image that this is the desired behaviour.

 

THanks a lot,

Chris

Labels:
3,396 Views
0 Likes
4 Replies
Reply
4 Replies
best response confirmed by DjeeeD (Copper Contributor)
Harm_Veenstra

‎Mar 03 2022 12:02 AM

‎Mar 03 2022 12:02 AM

Solution

Re: iOS: SCEP Enrollment - Certificate Renewal

In the Configuration Profile there is a renewal theshold percentage, this is 20% by default I think. At 20% of the life-time, it will contact the server again to request a new one.. You should check your Configuration Profile for your setting.
0 Likes
Reply
DjeeeD

‎Mar 03 2022 12:40 AM

‎Mar 03 2022 12:40 AM

Re: iOS: SCEP Enrollment - Certificate Renewal

@Harm_Veenstra 

Hello Harm,

Thanks a lot. Seems that I missed that part :)

That answers my question!

1 Like
Reply
Harm_Veenstra

‎Mar 03 2022 01:13 AM

‎Mar 03 2022 01:13 AM

Re: iOS: SCEP Enrollment - Certificate Renewal

No problem, please mark my answer as solution to mark it as solved
0 Likes
Reply
Sebastian Cerazy

‎Dec 02 2022 12:43 AM - edited ‎Dec 02 2022 05:54 AM

‎Dec 02 2022 12:43 AM - edited ‎Dec 02 2022 05:54 AM

Re: iOS: SCEP Enrollment - Certificate Renewal

I have the expected default 20% but on many user's devices it did NOT renew & simply expired, cutting people of from WiFi access on the day
If I plug in to ethernet, it almost instantly renews for most of the affected users

 

I can see for some devices totally unhelpful error:

 

SebastianCerazy_0-1669971514902.png

 

And nothing more after that, no error no, nothing more when clicked on it

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by DjeeeD (Copper Contributor)
Harm_Veenstra

‎Mar 03 2022 12:02 AM

‎Mar 03 2022 12:02 AM

Solution

Re: iOS: SCEP Enrollment - Certificate Renewal

In the Configuration Profile there is a renewal theshold percentage, this is 20% by default I think. At 20% of the life-time, it will contact the server again to request a new one.. You should check your Configuration Profile for your setting.

View solution in original post

0 Likes
Reply