Can we use the ISE 2.0: Certificate Provisioning Portal and act as the SCEP server for the Cisco IP phones like 8821?
ISE 2.0: Certificate Provisioning Portal - Cisco
I can see that 8821 IP phones can be setup for the SCEP server.
https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cuipph/8821/english/adminguide/w88x_b_wireless-8821-8821ex-admin-guide/w88x_b_wireless-8821-8821ex-admin-guide_chapter_011.html#reference_7AA746980735854B1FB96BCE1D7AD1E1
+++++++++++++++++++++++
See the below
+++++++++++++++++++++++
Configure the SCEP Product Specific Configuration Parameters
You must configure the following SCEP parameters on your phone web page
- RA IP address
- SHA-1 or SHA-256 fingerprint of the root CA certificate for the SCEP server
The Cisco IOS Registration Authority (RA) serves as a proxy to the SCEP server. The SCEP client on the phone use the parameters that are downloaded from Cisco Unified Communication Manager. After you configure the parameters, the phone sends aSCEP getcsrequest to the RA and the root CA certificate is validated using the defined fingerprint.
Procedure
| Step 1 | From the Cisco Unified Communications Manager Administration, select . |
| Step 2 | Locate the phone. |
| Step 3 | Scroll to the Product Specific Configuration Layout area. |
| Step 4 | Check the WLAN SCEP Server check box to activate the SCEP parameter. |
| Step 5 | Check the WLAN Root CA Fingerprint (SHA256 or SHA1) check box to activate the SCEP QED parameter. |
+++++++++++++++++++++++
i do see the following ENH request;
CSCve71881 ENH: ISE2.0 (no BYOD) to provision SCEP client in ip phone like 8821
Do we have any road-map for this?
