Edit: Seems to be a known issue for each new Clearpass install.
TAC is troubleshooting the issue right now.
I'm trying to enroll client certificates via EST and created a Root CA on clearpass where the EST option is checked:
As soon I try to request it with a client that already imported the HTTPS certificate of my Clearpass root CA successfully, the client can't reach it. The BYOD Operator user was configured already, adding it to the URL doesn't help. There is no EST request seen on the Clearpass, the switch doesn't get a reply.
Now I tried to open the URL in my web browser to see if it's responding. I get following output:
I know that I can't request a certificate via my web browser, I only use it to validate if EST is replying.
For the same CA SCEP is configured which is working successfully without any issues.
Did I forget to enable a global EST option?
Would be great to get some help.