This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I'm looking to push the root and intermediary CA certificates from our Enterprise PKI to our IOS devices to support 802.1x auth against our WIFI networks. This is done via an Intune configuration profile of type WIFI that references a profile of type Trusted Certificate. In the Trusted Certificate profile the UI asks you to upload a .cer or .crt file. The problem is that the .cer/.crt file format is binary and cannot hold the entire trust chain i.e. more than one public certificate. That said, I can create multiple Trusted Certificate profiles and assign them to the WIFI profile so that all certificates are trusted. However, if I upload a PEM (Base64) file format renamed as .crt or .cer the UI accepts it and pushes it to the device!
Is the PEM format support by Intune Trusted Certificate profiles and if so does it also support multiple certificates in the that PEM file?
@shockoMS Thanks for posting in our Q&A.
PEM format is not supported by Intune Trusted Certificate profiles. Currently, Intune Trusted Certificate profiles only support cer, crt.
And even the PEM file format was renamed as .crt or .cer, there is no guarantee that everything will work properly during use. You can try to assign it to the WIFI profile and check if it works.
If you are interested in supporting PEM format, it is suggested to feedback in the UserVoice Page. This is a place to collect customers' requirements and problems. Here is the link:
https://support.microsoft.com/en-us/office/uservoice-pages-430e1a78-e016-472a-a10f-dc2a3df3450a
Thanks for your understanding.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.