Unable to push SCEP config

Avatar
expand collapsive

Hi, we tried to push SCEP config to our iOS devices but we are receiving some error message like “Failed to apply the action to the device. The Registration Authority’s response is invalid”. The information entered in the policy is correct. Please advise.

Tags:

All Replies

  • Avatar

    Deema

    Participant

    Deema

    Participant

    We also monitored the web server logs on the NDES server and didn’t even see the request come through even though it says the operation failed with the above message in the Action history logs.
    Is there something additional to do which we are missing out?

  • Zach Goodman

    Zach Goodman

    Hexnode

    Zach Goodman

    Moderator

    Hello @Deema, sorry to hear you had to face the issue. The problem you are facing could be either caused by the version of the iOS on your endpoint or the certificate used to authenticate the connection.

    To check if the issue is connected to the iOS version, you can test the same configuration on iOS 13 or lower devices. We are aware of an issue that occurs in iOS 14 that is related to the domain name resolution of the SCEP server. This is in line with the changes introduced in iOS 14 by Apple.

    To check if the issue is connected to the certificated used to authenticate the connection, validate the minimum requirements for trusted certificates in iOS from Apple’s support page.

    Regards,
    Zach Goodman
    Hexnode UEM

  • Avatar

    Layla

    Participant

    Layla

    Participant

    @deema adding on what @zachGoodman said you should check the TLS certificate requirements. They have also added certificate validity changes, made it to have a maximum of 398 days validity – https://support.apple.com/en-us/HT211025