We are trying to build a simple iPhone Enrollment application for in-house use, I was able to install and run EJBCA, but getting the iphone enrolled is getting deficult. Is there any How-to guide for Iphone enrollment using EJBCA SCEP service? any help would be much appreciated.
There is no public how-to-guide at the moment but here is a starter:
EJBCA and the iPhone works very nicely together. PrimeKey has created a detailed howto guide for that.
You can query for it at info(at)primekey.se if you like.
Thanks Anders and Tomas for your quick response, I was able to get the device attributes, the step where I got struck is at Certificate Enrollment using SCEP. I have created CA and named it as IPS, iphone is trying to get the IPS CA, but for some reason it is failing. When I tried to get the cert from Firefox by typing the URL (http://<hostname:port/ejbca/publicweb/apply/scep/pkiclient.exe?operation=GetCACert&message=IPS), I am prompted if I would like to trust the certificate. I am not sure if I am doing anything wrong.
I was not able to find the How-to guide at Primekey.se, could you please post the link to it?
Setting up SCEP can be a bit tricky.
"I was not able to find the How-to guide at Primekey.se, could you please post the link to it?"
You need to send a request to info (at) primekey.se.
Thanks Anders, I just sent them an email. Hope to hear from them soon :)
iPhone/iOS is listed as a tested device under http://ejbca.org/adminguide.html#Scep. There is a link to PrimeKey, but the document is not available for public download.
I was able to resolve the issue by myself, is it ok if I post how to do it here?
This is an open source forum, so feel free to use it.
iPhone 5 presents a certificate signed with its serial number.
Would iphone 5 be able to enrol into ejbca? I wasn't able to do it with cisco scep 2900 even though I have all the root and intermediate certificates from apple…
PrimeKey have recently created a specific web-based enrollment solution for iOS and Android-based devices.
Unfortunately it is currently not available as open source.
Anyway, the EJBCA SCEP implementation (client mode) is fully compatible with the iOS SCEP implementation.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.