EAP-TLS automation

@justice.lammers Are you using a certificate system that supports SCEP? If so, you can use a User Level Configuration Profile with SCEP and Network payloads to send the certificate to a managed Mac and configure both Wi-Fi and wired network connections to use it.

@sdagley Thanks so much for your response! I have done exactly this and it works great. My goal, however, is to find a way to pull the specified p12 file (username.p12) from a pool of them located on a server and automate the process of uploading them to the "certificate" jamf section (within configuration profile) to the specific machine (asset # whatever, which has a local profile equivalent to the username.p12) so that we don't have to manually upload hundreds of users and upload future new users. Hope this clears up my question and would love to see if anyone has a solution and if it's even possible!?!

@justice.lammers With a SCEP payload you can send a request to your certificate server to generate the certificate for a specific user when the profile is being delivered. You do not need, or want, to pre-generate them. While you could script something to pull pre-generated certificates from your server you wouldn't be able to use a configuration profile to install them.