9 Replies Latest reply on Jul 21, 2020 10:02 AM by Ramkumara11

    Microsoft CA Certificate Wifi Acces & Cisco ISE (ADCS via DCOM / NDES via SCEP ?!?)

    sbenkel Novice

      Hi everybody.

       

      i´m struggling with the task to set up Certificate based authentication with a Microsoft Root CA and cisco ISE as the authenticator - never done something like this before.

       

      The goal is the following:

      Certificate based authentication of the mobile devices over the cisco ISE Cluster as an authenticator with Airwatch & Microsoft CA.

      I just want to implement a simple certificate based authentication with a root ca + a device based certificate?

       

      Now i read a lot about ADCS via DCOM and NDES via SCEP and so on but im not sure which technology or setting i should use for my usecase.

       

       

      AD CS via DCOM

      NDES via SCEP

       

      What steps should be done to achive a certificate based wifi authentication like planned?

      1.   In each case i need a Microsoft certifcate authority (CA)

      2.   Duplicate/Create a Certificate Template in the CA + activate it

      3.   Configure CA and the certificate template in WS One so that Workspace ONE UEM can retrieve a certificate from a CA

      4.  Configure the certificate template (request template) in Airwatch

       

      I have seen different setings for certificates:

      In the Profile Settings (IOS/Android) i can configure Credentials Payload

       

      Also in the Wi-Fi Paylod in the Profile Settings i can add Trusted Server Certificate Names and see Trusted Certificates.

       

      Im not sure how everything works together and which configuration is rearly neccesary. I´m still on research for everything but maybe someone done this before and could give me a push in the right direction? I already read the existing postings to this topic but couldn´t figure out the right information.

       

      If someone has some experience and is willing to share with me than i would realy be thankful for!

       

      Cheers and thanks a lot

       

      Sven