This past year I helped two companies move from a standard WPA2 WiFi setup to a EAP-TLS configuration, leveraging certificates from a SCEP source.
Each situation was a little bit different (as each company was deploying different technologies around Jamf) but I ran into the same pain points each time: no documented configurations.
So, in this post I hope to provide some quick info that I would have killed for when doing this the first time around.
First off – I won’t be covering the setup of the SCEP integration itself. I’m assuming you’ve already done that, but are having issues getting WiFi working.
Jamf does have some pretty good documentation surrounding both Enabling SCEP Proxy for Configuration Profiles and 802.1X WiFi Configurations
If you’re using Cisco ISE (Godspeed!), you will also want to take a look at this: Integrating Jamf Pro with Cisco ISE 3.1 and this: Integrate ISE 3.3 with JAMF as MDM Server.
You’ll want your Configuration Profile to look something like this: