This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello, dears
we have a large number of tablet devices and we decided to manage them using Intune, but we facing an issue; we used to use the "Cisco any connect" application for users to access the company resources using it and this happened by providing our certificate to the tablets manually.
The question is How could I provide this certificate to the android tablets using Intune? Is there any guide to do this?
Thank you
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 13%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJS%3C/text%3E%3C/svg%3E)
@Heba Wagih I wanted to follow up and know if the below responses helped in answering your query. If it did, please do not forget to accept the appropriate response as Answer so that others in the community facing similar issues can easily find the solution.
Hi @Heba Wagih Thanks for posting in our Q&A forum.
I did some research and the official article shows that create a trusted certificate profile to deploy the trusted root certificate should be a feasible method. Please refer to:
https://learn.microsoft.com/en-us/mem/intune/protect/certificates-trusted-root#create-trusted-certificate-profiles
In addition, SCEPman is also a more once-and-for-all method. Have a look at:
https://oliverkieselbach.com/2019/07/02/the-easy-way-to-deploy-device-certificates-with-intune/
Note: unofficial links, just for reference.
Hope the above information can help.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in [our documentation][1] to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you @Jarvis Sun-MSFT for your answer, but I still don't know how could I do this. What procedure should I follow? I feel lost and confused. I there any step-by-step guide?
We have an on-prime CA ( Microsoft CA) that creates a certificate for Cisco VPN this certificate applies on both the Cisco server/app and the android device to let the corporate user access the corporate resources through Cisco any connect mobile application.
@Heba Wagih I did a similar deployment, referring to this step by step tech document, have a look at:
https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-how-to-configure-ndes-for-scep-certificate/ba-p/455125
Hi @Heba Wagih .
A lot of steps you need to follow :)
Let's start from high overview.
1) You need to create certificate tepmplate on your CA - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#certificates-and-templates
2) Setup NDES role (NOTE: not on a server with CA role) Allow you to request a certificate from Intune to internal CA - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#set-up-ndes
3) Configure NDES and specify template in the registery - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure#configure-the-ndes-service
4) Install connector - https://learn.microsoft.com/en-us/mem/intune/protect/certificate-connector-install
5) Create trusted cert profile (exported from CA) - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-trusted-root#create-trusted-certificate-profiles
6) Create SCEP profile - https://learn.microsoft.com/en-us/mem/intune/protect/certificates-profile-scep