Help

ADCS - When does certificate re-apply

jameson
Contributor II

Posted on ‎05-29-2019 04:47 AM

If a user is resetting the keychain the certificate that was applied from ADCS is of course gone. The configuration profile for the ADCS certificate is still there, but when will it re-apply the certificate again ?

Or must there be made something more fancy that if certificate does not exist ir will remove and add the config profile ?

0 Kudos
1 REPLY 1

Chris
Valued Contributor

Posted on ‎05-29-2019 05:25 AM

https://support.apple.com/en-us/HT204446
says

profiles -W -p <profileIdentifier value>

however
https://support.apple.com/en-us/HT204836
says

Certificates that automatically renew can't be renewed manually, including in Profiles preferences or using the profiles -W command. Automatic renewal occurs on the same schedule that determines when to show the Update button in Profiles preferences, or when to send the user a notification that the certificate is expiring.

So, no idea, last resort would be to un-scope and re-scope the profile, but that would suck as a workflow...

0 Kudos