Help

Computer Level Wi-Fi Profile leaves stale certificates

mapurcel
Contributor III

Posted on ‎04-06-2018 09:27 AM

We're deploying a computer level Wi-Fi profile with a SCEP certificate. When the cert is set to expire, it renews, but instead of replacing the cert, it just adds a new one to the system keychain. The end result is that the user accumulates a lot of old certificates and starts getting false notifications about an expiring configuration profile. Anyone else seen this?

0 Kudos
Reply
2 REPLIES 2

gachowski
Valued Contributor II

Posted on ‎04-10-2018 02:36 PM

While we don't have auto renew on, we are seeing the same thing when the user select the renew button. We totally rushed certs in to production and in out 5 or 6 tests we didn't see this behavior ..... leading me to think something isn't working on the Apple side...

C

0 Kudos
Reply

PatrickD
Contributor II

Posted on ‎04-10-2018 09:03 PM

We see the same thing however our Profiles are User Level and the certificates go into the Login Keychain.

I am considering looking at the Jamf Pro SCEP Proxy capability in Jamf Pro 10. https://www.jamf.com/resources/technical-papers/enabling-jamf-pro-as-scep-proxy/

I'm not sure if it is going to do what we are after but I'll see what happens.

0 Kudos
Reply