@laptopbrent wrote:
Our Server certificate is signed by the clearpass onboard local CA.
Yes we realize this is not ideal. The only issues we have are onbaording mac 10.9. Onboariding other supported device si fine. issue.
I have attatched a screen shot of the error when someone tries to install a profile in 10.9.
Let me be clear: To even push a profile successfully to a device over https, the server certificate must be public and trusted by IOS. That is separate from the from the Onboard CA that actually issues the device certificate; that can be self-signed. If your server certificate is not public and trusted by IOS, you will get that error.
If you uncheck "require https for guest access" and start redirecting onboard users to the http version of the website and it works, not having a public certificate is the issue. If the http version of the website does not work, you have different problem and you should contact support: