JAMF SCEP Configuration
Follow these steps and the screenshots to configure JAMF to use Foxpass's SCEP for an EAP-TLS network.
Download Active Server CA
Download active Server CA from the EAP-TLSpage by clicking 'Download CA' under 'Server Certificate Authorities'.
Configure SCEP Profile
- Click on 'Certificates'
- Name - <e.g. Foxpass SCEP>
- Distribution Method - Install Automatically
- URL - Obtain the URL from SCEP page. It will be mentioned below 'Unique Endpoint' heading on the SCEP page. If you need to create a SCEPEndpoint, please see the screenshot below for reference.
- Subject - CN=<user's email address>
- Challenge - Copy the Challenge password from the SCEP page.
- Fingerprint - Click 'Upload Certificate' and select the CA certificate you downloaded earlier.
Email Address is required!
Make sure that every user in JAMF has an email address associated with their profile.
> 📘 Allow export from Keychain?
We recommend you don't allow export from Keychain, despite what the following screenshot shows.
Configure WiFi Profile
- SSID - Your network's SSID Note: this must match EXACTLY, including capital letters.
- Security Type - WPA/WPA 2 Enterprise
- Accepted EAP Types - TLS
- Identity Certificate - Select SCEP from the dropdown.
The profile will be installed and you can see a SCEP certificate under 'Client Certificates' on the EAP-TLS page.
Updated 3 months ago