Hello, we are trying to get SCEP certificate enrollment working between FortiAuthenticator and Google MDM (mobile device management).
We will push out a Google MDM wifi profile to all mobile devices requesting a SCEP certificate from FortiAuthenticator. It is not working for us and there is very little (if any) documentation on this.
Has anyone got FAC SCEP working with an MDM of any kind ?
Thank you kindly.
Hi,
not sure how it should be specific for MDM, but on FAC it should be as any other SCEP cert enrollment.
So components and config like SCEP template are supposed to be same.
Logging section should be helpful, also you can sniff CSRs sent to FAC as SCEP is supposed to be HTTP traffic by default. So have a look if you even received CSR on FAC and if the request did match to any enrollment template.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Hi xSilver,
I'm trying to figure this out now, quite some time after the original poster. Is there anywhere on the FAC debug logs that we could check for these CSRs? I'm not having any luck under "web server" and cant think of any other services listed that could be a match in https://facserver/debug.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.