I have a RADIUS policy for WiFi access that requires a certificate to be on a WiFi device, e.g. iPhone.
I have this working using Client Authentication certificates, but the process is very manual.
We have recently setup an MDM solution that utilises a SCEP server to create a certificate and place it on the iPhone.
However, the SCEP only seems to create "IP Sec IKE Intermediate" certificates, whereas I want to put "Client Authentication" certificates on the phones.
I changed the 3 registry entries in
HKEY_L_M/SOFTWARE/Microsoft/Cryptography/MSCEP
to point to the Client Authentication certificate template that I want to be used to create certificates to be installed on the iPhone. But a certificate is not created.
Will SCEP only create and install an "IP Sec IKE Intermediate", e.g. IPSEC (Offline Request), certificate?
What am I doing wrong when trying to use SCEP with an MDM solution to get a certificate on a device to allow them access to our corporate WiFi network?
Thanks.