- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SCEP Cert Deployment for Android
Trying to deploy SCEP certs for an Android device and keep getting a notification on the device itself which says "Please ensure that a password is set to enable certificate installation". I'm having trouble figuring out exactly where this password needs to be applied. The device has a policy to apply a passcode so don't think that is it. The config for the SCEP Cert itself doesn't ask for a password and there's no Meraki documentation that refers to this that I have been able to find. Hoping someone here has come across this issue before and can help. Thanks in advance!
- Labels:
-
Android
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Maybe this?
https://documentation.meraki.com/SM/Profiles_and_Settings/Certificates_Payload_(Pushing_Certificates)
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I saw this but this doesn't seem to be related to other types of certs. I'm referring to this basically https://documentation.meraki.com/General_Administration/Organizations_and_Networks/Organization_Menu...
I've signed the cert using my CA and then tried to issue certs from that using a config profile
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You need to generate a key:
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yeah I followed that to the letter. I extracted the private key from my root CA (I'm using Microsoft CA) in order to sign this with openssl.
Then I go to create a SCEP cert config and that's where things get stuck
I feel there's something in between that I'm missing but not sure
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
First step is to ensure that there's a PIN on the device. Having just the policy isn't good enough. The PIN needs to be there. No PIN, no certs
Secondly, you don't need to do any of the steps below. Just a SCEP policy, as below:
And just make sure you've followed the steps here:
Signing the Meraki MDM CA with your own - YouTubehttps://www.youtube.com › watch
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @PaulF I do have a passcode policy set as well
and it indeed did enforce the creation of a passcode on the device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Having the exact same issue. Did you ever find a solution? It seems like the SCEP cert should be deployed to the work profile and it seems like it doesnt think there is a passcode in the profile that it wants to install the cert in.