OS X: Requesting certificates from a Windows Certificate Service

 Mac OS X, Windows  Add comments
Jul 182012
 

Recently a new customer contacted us regarding the integration of OS X devices into his already deployed WiFi infrastructure.

They have several access points that create a company wide WPA2 Enterprise 802.1X network. WiFi access is controlled by a Windows RADIUS server and requires a per user certificate that can be obtained from the Windows Certification Service.

Until now they manually requested the certificate on a Windows machine using MMC‘s Certificate Snap-In and transfered it to the Mac’s user Keychain.

Solution

This steps can be automated with the help of the Windows Web Certificate Service and OS X Lion’s Configuration Profiles.

Here’s what you need:

  • Windows Web Certificate Service (http://certserv.mydomain.private/certsrv)
    Details can be found in the MSDN.
  • OS X Lion or higher
  • Hand-written configuration profiles as described in Apple’s KB entry.
    You can download my demo profiles here.

If you also have to support older Mac OS X versions you can use the Web Certificate Service to semi-automate the process. Additionally other operating systems (like GNU/Linux) are also able to obtain certificates!

 

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)