AD CS Certificate Expiration/Renewal - Mobile Devices

Hey @tomgluver Great question, and yes the ADCS Connector with Jamf Pro will automatically renew the certificate 10 days before expiration. This has been noted in the ADCS Connector Technical Paper here: http://docs.jamf.com/technical-papers/jamf-pro/integrating-ad-cs/10.6.0/Distribute_Certificates_Using_Configuration_Profiles.html

Hi @mwoodruff

We are looking to install certificate-based WIFI also and I trying to gather information and an understanding to provide to our network team.
On the Macs we are currently using RADUIS AD AUTHENTICATION am I right in thinking we can't use this method on IOS devices?
So the only way is installing the ADCS connector on a server to allow the trust.

thanks

@adamnewman You absolutely should be able to use Radius based authentication for iOS devices, with the understanding that iOS/iPadOS is a single-user device, therefore device based authentication would be the best route since that also identifies the user. (Even in a Shared iOS experience in education, the device will only authenticate once using device based authentication compared to macOS.) The use of Jamf's ADCS integration is great when simple SCEP based obtainment of certificates are not available, but the organization has authorized the use of DCOM libraries in Microsoft CA.

Hi everyone, i have a jamf ADCS connector in my internal network, which performs requests to my internal microsoft CA for wifi and vpn certificates. Since i have this configured; my jamf connector will auto renew all those certificates in my macs keychain that it issued, and it will renew them close to expiration automatically? how does jamf connector know what certificates are about to expire, and to reissue them? if this is true, then this is great, not sure yet how it works however.