We're deploying a computer level Wi-Fi profile with a SCEP certificate. When the cert is set to expire, it renews, but instead of replacing the cert, it just adds a new one to the system keychain. The end result is that the user accumulates a lot of old certificates and starts getting false notifications about an expiring configuration profile. Anyone else seen this?
Question
Computer Level Wi-Fi Profile leaves stale certificates
+11
+16While we don't have auto renew on, we are seeing the same thing when the user select the renew button. We totally rushed certs in to production and in out 5 or 6 tests we didn't see this behavior ..... leading me to think something isn't working on the Apple side...
C
+9We see the same thing however our Profiles are User Level and the certificates go into the Login Keychain.
I am considering looking at the Jamf Pro SCEP Proxy capability in Jamf Pro 10. https://www.jamf.com/resources/technical-papers/enabling-jamf-pro-as-scep-proxy/
I'm not sure if it is going to do what we are after but I'll see what happens.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.