VMware Cloud Community
CiaM
Contributor
Contributor

Airwatch: Deployment of Certificates to iPhone for 802.1x Authentication

Hi Folks,

Does anyone have any experience enrolling certificates (MS PKI) on mobile devices (iphones & Android) for 802.1x authentication using Air-watch?

I'm looking to enroll computer certificates on mobile devices in Airwatch so they can connect to our Intranet Wireless SSID. We have been successfully doing this for all our corporate computers but now want to roll this out to our corporate mobile devices.

I have configured our CA, Air-watch cloud connector server and Air-watch GUI according to this manual AirWatch Certificate EOBO with ADCS via DCOM but I am experiencing issues.

In Air-watch GUI when attempting to 'sync' an iPhone I was receiving the following failed request messages on the CA 'The DNS name is unavailable and cannot be added to the Subject Alternate name DNS CERTSRV_E_SUBJECT_DNS_REQUIRED' so I know that Air-watch is at least able to get the request to the CA.

In response to this failure message I created a DNS record for th iPhone I was testing with. After this was completed I no longer received the 'DNS name unavailable' failure messages in the CA however the certificate still wasn't deployed to the phone and I still have an 'install failed' warning under the profile tab (for the Profile I created for the phone to use corporate SSID) on the iPhone device page in Air Watch.

I'm new to MS PKI and new to Air-watch so it's a double learning experience. Any guidance or alternative documentation would be greatly appreciated.

Regards

Ciaran

Reply
0 Kudos
0 Replies