Tags: , , , ,


Forum Replies

  1. I’m getting stuck where the certificate gets installed on the iPhone. When I install the profile, I get “The SCEP server returned an invalid response”. There’s a couple of posts on Apple, etc to increase the query string for IIS, which I’ve done, but it didn’t help.

  2. Hi Cory,

    I’m glad to hear you like my material!

    First of all…the iphone and EAP-TLS is a pain, it took quite some time to get it working and to fully understand how it works. When you use SCEP like I did in this tutorial it will generate a “machine” certificate for your iphone but when the iphone authenticates itself it will ALWAYS present its certificate as a “user certificate”. As a result it will fail unless you manually map the certificate to the user account in the AD like I did in the “Map Client Certificate to User Account” section. Another issue is that

    ... Continue reading in our forum

  3. Ok, thanks for that Rene, again love your work and all your tutorials are great!

  4. You can authenticate MACs with EAP-TLS and certificates but this tutorial that uses the Iphone configuration utility is just for the mobile devices.

  5. Hi Bryce,

    Sorry for the late reply. I know that there are solutions out there that will provision your Iphones / Ipads with certificates and profiles but I’ve never worked with them before. Something like this:

    http://www.tower-one.net/en/products.html

    There’s probably a lot of products like that out there. With the number of Ipads you have you’ll need something that does the auto-enrollment or it’s way too time-consuming. Like you said, using a pre-shared key is not a good idea…there’s no way to tell who has the key or not or when it has been leaked.

    The probl

    ... Continue reading in our forum

16 more replies! Ask a question or join the discussion by visiting our Community Forum