Security

 View Only

  • 1.  Profile installation error on ipad - BYOD

    Posted Sep 23, 2024 02:44 AM

    Hello,

    I created a LAB environment to set up a tablet enrollment using the BYOD solution.
    However, when installing the profile on my iPad I get an error that says "The MDM server certificate for https://192.168.182.100/onboard/mdps_profile.php/afi010jh4efpi4sql3u41qnfg9 is not valid". 

    The clearpass server uses a signed auto certificate, the CA was imported on the tablet.

    On my android phone and windows it works properly, I can't find the solution. 



  • 2.  RE: Profile installation error on ipad - BYOD

    Posted Sep 23, 2024 02:46 AM

    You will need a public trusted server certificate (HTTPS) for Onboarding in ClearPass to work. The process will not work with self-signed or private certificates, or if it works it will be very unreliable.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message


  • 3.  RE: Profile installation error on ipad - BYOD

    Posted Sep 23, 2024 04:07 AM

    Okay, I guess it would be complicated without public authority.

    Thank you


    Original Message


  • 4.  RE: Profile installation error on ipad - BYOD

    Posted Sep 23, 2024 10:40 AM

    Or better yet, use an MDM instead of OnBoard.  Integrate that MDM with ClearPass.


    Original Message


  • 5.  RE: Profile installation error on ipad - BYOD

    Posted Sep 23, 2024 12:18 PM

    Yes, I would not even attempt to implement Onboard without public trusted certificates. Sooner or later you run into issues if you ignore that point, and in most cases it's because the certificate/profile is not trusted by the client.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message


Related Content