This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Can we use the ISE 2.0: Certificate Provisioning Portal and act as the SCEP server for the Cisco IP phones like 8821?
I can see that 8821 IP phones can be setup for the SCEP server.
See the below
You must configure the following SCEP parameters on your phone web page
The Cisco IOS Registration Authority (RA) serves as a proxy to the SCEP server. The SCEP client on the phone use the parameters that are downloaded from Cisco Unified Communication Manager. After you configure the parameters, the phone sends aSCEP getcsrequest to the RA and the root CA certificate is validated using the defined fingerprint.
|Step 1||From the Cisco Unified Communications Manager Administration, select Device > Phone.|
|Step 2||Locate the phone.|
|Step 3||Scroll to the Product Specific Configuration Layout area.|
|Step 4||Check the WLAN SCEP Server check box to activate the SCEP parameter.|
|Step 5||Check the WLAN Root CA Fingerprint (SHA256 or SHA1) check box to activate the SCEP QED parameter.|
i do see the following ENH request;
CSCve71881 ENH: ISE2.0 (no BYOD) to provision SCEP client in ip phone like 8821
Do we have any road-map for this?
Solved! Go to Solution.
I'd suggest you post your question to the Identity Services Engine (ISE) community since this is general ISE feature and not a Developer/API software integration topic. The TMEs will be able to answer your questions there.