Device/computer based certificates for iPad

Discussion in 'iPad Tips, Help and Troubleshooting' started by bingdude, Dec 1, 2010.

  1. bingdude macrumors newbie

    Joined:
    Dec 1, 2010
    #1
    Hi all,

    We are trying to setup an iPad to use device/computer based certificates for 802.1x authentication for wifi. We have created a computer based certificate from our MS PKI server and imported into our IPad via the IPad configuration utility. When we try to connect to the SSID it acts as if it's trying to send a user account vs. the device/computer account.

    Does the iPad even support device/computer certificates or does it only support user based certificates only?

    Thanks in Advance.
     
  2. hutchej macrumors newbie

    hutchej

    Joined:
    Jul 9, 2010
    Location:
    Toronto, ON, Canada
    #2
    Hi bingdude,

    I'm trying to do the same thing with Entrust certificates that are device based. The following document: http://images.apple.com/ipad/business/docs/iPad_Certificates.pdf seems to indicate that the iPad will support digital certificates, however it doesn't specify whether or not they are hardware or user based.

    I'll let you know if I make any progress in the next few weeks as I actually have time to test this out.
     
  3. hutchej macrumors newbie

    hutchej

    Joined:
    Jul 9, 2010
    Location:
    Toronto, ON, Canada
    #3
    Fast forward to end of Feb 2011 and I have a solution to connecting the iPad to our Corporate WLAN.

    Using the iPhone Configuration Utility I configured the following attributes with in a new configuration profile:
    • General (because it is mandatory)
    • Credentials (2 payloads)
    - One for the Certificate Authority Certificate
    - One for the Device based certificate​
    Note: the device based certificate must have a policy in place to allow the private key to be exported.
    • Wi-fi
    - SSID - name of your corporate WLAN network
    - Security type - WPA/WPA2 Enterprise (if our case)
    - Protocols - Checked: TLS, TTLS, LEAP, EAP-FAST, EAP-SIM
    - Inner Identity: MSCHAPV2
    - Authentication Tab - Select the device certificate you added in the 'Identity Certificate' drop down
    - Trust Tab - Ensure the Certificate Authority certificate is in the 'Trusted Certificates' box.​

    Connect the iPad and push the profile to the device and you should be able to connect with corporate wifi that uses device based certificates. If there are any questions I'm sure I can help you out!
     
  4. bingdude thread starter macrumors newbie

    Joined:
    Dec 1, 2010
    #4
    Hi hutchej,

    Thanks for the update! I'll be trying it out here soon.
     
  5. bingdude thread starter macrumors newbie

    Joined:
    Dec 1, 2010
    #5
    I got the computer cert on the ipad. We are using NPS(IAS) as our radius piece. We've even created an AD computer object for the iPad, but the authentication isn't working right. It seems to still look for a user object.
     
  6. scott-the-admin macrumors newbie

    Joined:
    Jun 30, 2011
    #6
    Hi Bingdude,
    Did you ever find a solution to this issue? I am have run into the same problem. I've set up the cerificates and profile and installed via the iPhone configuration utility. However, when I attempt tp connect to our WPA2 Enterprise WiFi, I get promted for a password. Any help you could lend would be greatly appreciated. My executive director is anxious for her new iPad2.

    Scott
     

Share This Page