Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

How to push EAP-TLS configuration Profile and Certificates to Mac books and Iphones


Hi Team,


We were able to push the EAP-TLS configuration profiles and certificates to windows devices via group policy.  However, we're now looking to see how we can accomplish this for Mac book and iphones?  Is there an open source application or something we can leverage to do this?




Can you confirm if you are

Can you confirm if you are using ISE 1.1 or 1.2 ?

New Member

 We're are using ISE 1.2, but


We're are using ISE 1.2, but only have basic license.  I know that with advance we can setup onboarding, but no budget currently for this.  So I'm looking for alternative ideas, methods or examples.


Sorry I am asking one

Sorry I am asking one question at a time but how many iOS users you are looking at ? Also  do you have any existing Lion server in your infrastructure ? 

New Member

 Windows 7, 8, Mac book OSX,


Windows 7, 8, Mac book OSX, and iphone/ipad or Apple IOS.  That's about it.  However, they are mostly OSX.

Cisco Employee

I think ammahend was looking

I think ammahend was looking for a rough count which is what my question was going to be. The reason I would ask this is that if the device count is low then you could manually provision certs on those devices. Not ideal since you will have to manually generate CSRs, get them signed and then installed on the machines.

Another way to do this is if you have an MDM solution in place. You can have the MDM integrate with your CA via SCEP and then on-board devices that way. You don't have to integrate ISE with MDM (advanced licenses needed) as you can only have ISE check for the cert and only perform EAP-TLS authentications. 

Hope this helps!


Thank you for rating helpful posts! 

CreatePlease to create content