Cisco TLS Issue

daniel_behan
Contributor III

I'm trying to make a config profile that gets on wifi via a TLS cert obtained from an AD template. The profile installs, but Cisco is denying authentication because radius shows the computer is as the PKI ID assigned by the JSS instead of he actual HostName of the machine. Any suggestions?

2 REPLIES 2

jrserapio
Contributor

We ran into this as well. There seemed to be a problem with the profile and how it was selecting the cert. It was choosing the jamf mdm cert instead of the AD cert, since it went in alphabetical order, even though we were selecting AD cert in the profile. I will check with my counterpart as he was the one modifying the profiles. Basically there was a problem with one of the lines in the profile. I want to say there was a space on the line that was selecting the AD cert, so then the profile would then select the cert based on alphabetical order.

djwojo
Contributor

We had a similar issue where it was passing through the first cert available. We had to use the OS X Server Profile Manager to create the config, and then download/export. (I've heard the phone configurator works too, but i did not use it personally.) Next upload to JSS and the config worked flawlessly.