Allumire
Contributor
Contributor

iOS iPad Client Certificate from AD CA, Error: COMException, RPC server unavailable.

Jump to solution

I am trying to apply a cert template to an application through a profile for device authentication to an internal server. I have the template created, selected in a profile under credentials, and assigned to an OG with a couple test iPads. After saving and publishing I went to see if it was successful, but see that none were. I am greeted with an error for each tablet saying Server Error: COMException while submitting enroll request: The RPC server is unavailable.

I am at a loss on where this issue is originating. Would this be a issue with the CA integration and talking to the AD host? Would it be an issue within Workspace ONE? I would appreciate any insight given on how I could go about resolving this issue! Thanks in advance.

0 Kudos
1 Solution

Accepted Solutions
DmitryKurdenkov
Enthusiast
Enthusiast

Hi!

1. Do you pass successfully test connection in your Certificate Authority configuration in console?

2. Does your Request Template, based on successfully passing test connection Certificate Authority, issuing template field has precisely the same string as it set up in CA template?

3. Does your account you enroll certificate on behalf of has enough privileges for the exact template on your CA?

4. In your CA template in Subject Name configuration it should be set to "Supply in the request"

5. If you add SUN's in CA template try to configure corresponding setting in console template.

It would be better if you have a chance to get access to CA template configuration. This would save time. I couldn't) And it was a big deal to configure.

View solution in original post

0 Kudos
2 Replies
DmitryKurdenkov
Enthusiast
Enthusiast

Hi!

1. Do you pass successfully test connection in your Certificate Authority configuration in console?

2. Does your Request Template, based on successfully passing test connection Certificate Authority, issuing template field has precisely the same string as it set up in CA template?

3. Does your account you enroll certificate on behalf of has enough privileges for the exact template on your CA?

4. In your CA template in Subject Name configuration it should be set to "Supply in the request"

5. If you add SUN's in CA template try to configure corresponding setting in console template.

It would be better if you have a chance to get access to CA template configuration. This would save time. I couldn't) And it was a big deal to configure.

0 Kudos
Allumire
Contributor
Contributor

Thank you, I am new to this, did not realize there was the Test Connection option under edit (it was configured by previous Airwatch Admin). I found that our AD admin made some changes to the host that is specified in the CA integration. So, now I need to see what steps need completed to get back to where we were and if we can not hard code a hostname for the CA config.

0 Kudos