Skip to main content
tedauction
tedauction
New Member
June 18, 2019
Question

Fortiauthenticator SCEP with MDM ?

  • June 18, 2019
  • 2 replies
  • 3459 views

Hello, we are trying to get SCEP certificate enrollment working between FortiAuthenticator and Google MDM (mobile device management).

We will push out a Google MDM wifi profile to all mobile devices requesting a SCEP certificate from FortiAuthenticator. It is not working for us and there is very little (if any) documentation on this.

Has anyone got FAC SCEP working with an MDM of any kind ?

Thank you kindly.

    2 replies

    xsilver_FTNT
    Staff
    xsilver_FTNT
    Staff
    July 8, 2019

    Hi,

    not sure how it should be specific for MDM, but on FAC it should be as any other SCEP cert enrollment.

    So components and config like SCEP template are supposed to be same.

    Logging section should be helpful, also you can sniff CSRs sent to FAC as SCEP is supposed to be HTTP traffic by default. So have a look if you even received CSR on FAC and if the request did match to any enrollment template.

      shikhakolekar
      Staff
      shikhakolekar
      Staff
      December 18, 2025

      Hello, 

       

      Having this updated so it can help others as well. 

      You can have the SCEP added as per document https://docs.fortinet.com/document/fortiauthenticator/8.0.0/administration-guide/527816/scep, logs can be checked by navigating on https://facserver/debug  >> Others >> SCEP/CMP. A packet capture as well helps. 

       

      If you have found a solution, please like and accept it to make it easily accessible for others.

        Terms & ConditionsAccessibility statement