Certificate based Wi-Fi Connection

dan_ruiz
New Contributor

We are trying to move our Wi-Fi solution away from a username & password solution to a certificate based solution. Currently our MacBooks are on a separate domain from our PCs and we do not have a CA server set up just yet in the Mac environment. Because our InfoSec team is pushing hard for this, we are going to deploy a generic user cert from our other domain, where the NPS is, to our Macs so that they are able to authenticate on the Wi-Fi. I've managed to do this manually and it works fine, but when I deploy it via Jamf (Self-Service or automatically), the cert gets deployed but it won't connect to the Wi-Fi.

Has anyone run into a similar issue, or could provide some insight as to why it does not work?

5 REPLIES

TreviñoL
Contributor

Make sure to have the Root and Intermediate Certificates from the other domain in the System keychain and set them to ALWAYS TRUST manually. Do the same in the System keychain for the Machine Certificate you get from the CA from the other domain for the Mac. Best to set to ALWAYS TRUST as well. Make sure to create the computer object first in AD and that it matches the Mac hostname.

ammonsc
Contributor II

What system is your network team using? Are you sending the cert as part of the wireless profile? Is it 802.1x?

KyleEricson
Valued Contributor

I made a guide on this
my guide


Hire me as an independent contractor.

dan_ruiz
New Contributor

@TreviñoL @ammonsc

Hey, sorry for the lack of responses, but we finally got it working. We were applying the cert at the computer level as opposed to the user level... small oversight on our part. After that change, we generated a new cert and it works now.

@kericson Thanks for sharing that page! We're going to use that as a reference.
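
The scope mix-up described in the post above, and the trust-anchor advice earlier in the thread, can be checked on an exported profile before it is deployed. The following is an added example, not code from the thread or from Jamf. It assumes that Jamf's Computer Level and User Level map to the profile's `PayloadScope` values `System` and `User`, and the function names, SSID and UUIDs are made up for illustration.

```python
import plistlib

CERT_TYPES = {"com.apple.security.root", "com.apple.security.pkcs1"}

def check_wifi_profile(profile_bytes, expected_scope):
    """Return a list of findings for an 802.1X Wi-Fi profile (empty = OK)."""
    profile = plistlib.loads(profile_bytes)
    findings = []
    # PayloadScope decides which keychain (System or User) receives the identity.
    scope = profile.get("PayloadScope", "User")  # User is the documented default
    if scope != expected_scope:
        findings.append(f"scope is {scope}, expected {expected_scope}")
    payloads = profile.get("PayloadContent", [])
    by_uuid = {p.get("PayloadUUID"): p.get("PayloadType") for p in payloads}
    for p in payloads:
        if p.get("PayloadType") != "com.apple.wifi.managed":
            continue
        ssid = p.get("SSID_STR", "?")
        # The client identity must ship in the same profile as the Wi-Fi payload.
        if by_uuid.get(p.get("PayloadCertificateUUID")) != "com.apple.security.pkcs12":
            findings.append(f"{ssid}: no PKCS#12 identity payload referenced")
        # Anchors pin the RADIUS (NPS) server's chain: root and intermediate.
        eap = p.get("EAPClientConfiguration", {})
        anchors = eap.get("PayloadCertificateAnchorUUID", [])
        if not anchors:
            findings.append(f"{ssid}: no trust anchors for the RADIUS server")
        for a in anchors:
            if by_uuid.get(a) not in CERT_TYPES:
                findings.append(f"{ssid}: anchor {a} not in profile")
    return findings

def sample_profile(scope):
    """Constructed sample profile; UUIDs, SSID and payloads are made up."""
    return plistlib.dumps({
        "PayloadType": "Configuration", "PayloadScope": scope,
        "PayloadContent": [
            {"PayloadType": "com.apple.security.root", "PayloadUUID": "ROOT-1"},
            {"PayloadType": "com.apple.security.pkcs12", "PayloadUUID": "ID-1"},
            {"PayloadType": "com.apple.wifi.managed", "PayloadUUID": "WIFI-1",
             "SSID_STR": "ExampleCorp", "EncryptionType": "WPA2",
             "PayloadCertificateUUID": "ID-1",
             "EAPClientConfiguration": {
                 "AcceptEAPTypes": [13],  # 13 = EAP-TLS
                 "PayloadCertificateAnchorUUID": ["ROOT-1"]}},
        ]})

if __name__ == "__main__":
    for scope in ("System", "User"):
        print(scope, check_wifi_profile(sample_profile(scope), "User"))
```
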

@dan_ruiz 

Hello, I'm having a similar network issue, do you have a solution without Jamf for my issue: https://community.jamf.com/t5/jamf-pro/mac-os-network-issue-210922/td-p/247246

Thanks in advance.