Deploy annyconnect certeficate using intune

Question

Deploy annyconnect certeficate using intune

Heba Wagih 116

Hello, dears

we have a large number of tablet devices and we decided to manage them using Intune, but we facing an issue; we used to use the "Cisco any connect" application for users to access the company resources using it and this happened by providing our certificate to the tablets manually.
The question is How could I provide this certificate to the android tablets using Intune? Is there any guide to do this?
Thank you

Jarvis Sun-MSFT 10,231 Reputation points Microsoft External Staff

2022-09-29T07:47:33.113+00:00

@Heba Wagih I wanted to follow up and know if the below responses helped in answering your query. If it did, please do not forget to accept the appropriate response as Answer so that others in the community facing similar issues can easily find the solution.

2 answers

Your answer

Jarvis Sun-MSFT 10,231 Reputation points Microsoft External Staff

2022-09-29T07:47:33.113+00:00

@Heba Wagih I wanted to follow up and know if the below responses helped in answering your query. If it did, please do not forget to accept the appropriate response as Answer so that others in the community facing similar issues can easily find the solution.

Answer 1

Jarvis Sun-MSFT 10,231 Microsoft External Staff

Hi @Heba Wagih Thanks for posting in our Q&A forum.
I did some research and the official article shows that create a trusted certificate profile to deploy the trusted root certificate should be a feasible method. Please refer to:
https://learn.microsoft.com/en-us/mem/intune/protect/certificates-trusted-root#create-trusted-certificate-profiles

In addition, SCEPman is also a more once-and-for-all method. Have a look at:
https://oliverkieselbach.com/2019/07/02/the-easy-way-to-deploy-device-certificates-with-intune/
Note: unofficial links, just for reference.
Hope the above information can help.

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in [our documentation][1] to enable e-mail notifications if you want to receive the related email notification for this thread.

Heba Wagih 116 Reputation points

2022-10-02T14:53:20.783+00:00

Thank you @Jarvis Sun-MSFT for your answer, but I still don't know how could I do this. What procedure should I follow? I feel lost and confused. I there any step-by-step guide?
We have an on-prime CA ( Microsoft CA) that creates a certificate for Cisco VPN this certificate applies on both the Cisco server/app and the android device to let the corporate user access the corporate resources through Cisco any connect mobile application.
Jarvis Sun-MSFT 10,231 Reputation points Microsoft External Staff

2022-10-03T07:50:09.777+00:00

@Heba Wagih I did a similar deployment, referring to this step by step tech document, have a look at:
https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-how-to-configure-ndes-for-scep-certificate/ba-p/455125

Answer 2

Hi @Heba Wagih .

A lot of steps you need to follow :)

Let's start from high overview.

1) You need to create certificate tepmplate on your CA - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#certificates-and-templates
2) Setup NDES role (NOTE: not on a server with CA role) Allow you to request a certificate from Intune to internal CA - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#set-up-ndes
3) Configure NDES and specify template in the registery - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#configure-the-ndes-service
4) Install connector - https://learn.microsoft.com/en-us/mem/intune/protect/certificate-connector-install
5) Create trusted cert profile (exported from CA) - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-trusted-root#create-trusted-certificate-profiles
6) Create SCEP profile - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep

Share via

Deploy annyconnect certeficate using intune

2 answers

Your answer