cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1386
Views
0
Helpful
3
Replies

Can ISE 2.x be act as the SCEP server for the Cisco IP phones like 8821?

musultan
Cisco Employee
Cisco Employee

Can we use the  ISE 2.0: Certificate Provisioning Portal and act as the SCEP server for the Cisco IP phones like 8821?

ISE 2.0: Certificate Provisioning Portal - Cisco

I can see that 8821 IP phones can be setup for the SCEP server.

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cuipph/8821/english/adminguide/w88x_b_wireless-8821-8821ex-admin-guide/w88x_b_wireless-8821-8821ex-admin-guide_chapter_011.html#reference_7AA746980735854B1FB96BCE1D7AD1E1

+++++++++++++++++++++++

See the below

+++++++++++++++++++++++

Configure the SCEP Product Specific Configuration Parameters

You must configure the following SCEP parameters on your phone web page

  • RA IP address
  • SHA-1 or SHA-256 fingerprint of the root CA certificate for the SCEP server

The Cisco IOS Registration Authority (RA) serves as a proxy to the SCEP server. The SCEP client on the phone use the parameters that are downloaded from Cisco Unified Communication Manager. After you configure the parameters, the phone sends aSCEP getcsrequest to the RA and the root CA certificate is validated using the defined fingerprint.

  Procedure


Step 1  From the Cisco Unified Communications Manager Administration, select Device > Phone.
Step 2  Locate the phone.
Step 3  Scroll to the Product Specific Configuration Layout area.
Step 4  Check the WLAN SCEP Server check box to activate the SCEP parameter.
Step 5  Check the WLAN Root CA Fingerprint (SHA256 or SHA1) check box to activate the SCEP QED parameter.

+++++++++++++++++++++++

i do see the following ENH request;

CSCve71881   ENH: ISE2.0 (no BYOD) to provision SCEP client in ip phone like 8821


Do we have any road-map for this?

1 Accepted Solution

Accepted Solutions

ISE Internal CA is only for BYOD and manual provisioning via certificate portal currently. For roadmap request/questions, please reach out to the local Cisco Sales team so they can reach out to the PM.

View solution in original post

3 Replies 3

thomas
Cisco Employee
Cisco Employee

Mubasher,

I'd suggest you post your question to the Identity Services Engine (ISE) community since this is general ISE feature and not a Developer/API software integration topic. The TMEs will be able to answer your questions there.

musultan
Cisco Employee
Cisco Employee

Any reply on the above question?

ISE Internal CA is only for BYOD and manual provisioning via certificate portal currently. For roadmap request/questions, please reach out to the local Cisco Sales team so they can reach out to the PM.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: