This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I'm following the guide to integrating ISE with Intune.
In the step of 'Export ISE System Certificate', I got stuck since my customer uses all CA signed certificates separated by Admin, Portal, EAP-Auth, pxgrid service.
Which one shall I export in this case?
Additionally, if it is the one EAP-Auth cert I should export, is it needed to have EKU both client authentication (188.8.131.52.184.108.40.206) and server authentication (220.127.116.11.18.104.22.168.1) in the certificate?
Currently, we only have Server auth for the purpose of client 802.1x EAP-TLS.
Solved! Go to Solution.
What Mohammed al Baqari said appears correct. It appears Microsoft Intune using the ISE admin certificate(s) to validate the requests and, hence, the client auth on them.