1
votes

I have an interesting question to ask.

We are testing a SCEP service for MAC OS X not iOS and I know that iOS devices already have an embedded application for Over-the-Air Profile delivery whereby a certificate can be retrieve via SCEP as per the following link

https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/iPhoneOTAConfiguration/OTASecurity/OTASecurity.html

I also know that on MAC OS X the same process can almost be replicated via a WIFI profile whereby if the WIFI profile indicates that a cert is required prior to connecting to an WIFI EAP-TLS network , the cert gets fetched via SCEP. An example is explained here: http://www.ntsystems.it/post/Joining-WiFi-before-login-on-Mac-OS-X-108.aspx

Now my question is the following, is it possible to retrieve a certificate via SCEP on a MAC OS X device as in the case of iOS over-the-air profile delivery; without necessarily having to connect to a WiFi network?

1

1 Answers

0
votes

Over-the-Air Profile Delivery is, as the name implies, a mechanism securely to install a given profile on the (iOS or OS X) device -- like the WiFi profile in your example.

But it can be any sort of profile. If I understand your question right, you could achieve what you want simply by replacing the WiFi profile in your setup with a SCEP profile. You can find the reference for the SCEP profile in the Configuration Profile Reference (ref). I think you can also create it using the Apple Configurator program.