Showing results for 
Search instead for 
Did you mean: 

CloudPath - manually generate & deploy device certificate

New Contributor III
Not sure if this is possible.
We have Ruckus vSZ with Cloudpath for on-boarding wireless devices. At the moment all BYOD users goes through the Cloudpath onboarding url >> enter their AD domain credentials which launches the NetworkWizardLoader-xxxx.exe and connects the user to the relevant SSID.

We have few non-domain/Intune managed devices shared by multiple users and would like to connect them to the wireless using the device based certificate. Is there a way on Cloudpath to generate\export the certificate manually which I can install it on the devices so that it connects automatically to the wireless ?

Or please advise of there is a better solution.

Any help on this would be much appreciated, thank you.

thank you, Is there a help guide or knowledge-base article somewhere I can follow ?

Here are a couple of screenshots to illustrate... If you need further assistance with this, please open a ticket with Ruckus Support.Image_ images_messages_5f91c486135b77e247ad1d43_c8c5969a50493f976804a8fe6bb1fbb0_RackMultipart2020061586022p1li-00efcee3-756f-466e-b4a7-79e1d1a27835-441237850.jpg1592234813Image_ images_messages_5f91c486135b77e247ad1d43_04756db773955b58b7dae92f0ee3767f_RackMultipart202006151184051yo-87df12e7-2ca3-42c2-9db8-19046a0f94b8-1754199893.jpg1592234830

thank you Brett, If i generate a certificate based on the existing BYOD  template we use here,  use one of the AD account on Username field, can I apply the same certificate to multiple devices ?

Well, you'd use the same template but not the same cert you 'd generate a different cert for each entered username

You could apply the same cert to different devices, but you would then not be able to uniquely distinguish them.  It is not required that you use an AD account user for the Username field.  That just establishes the username as part of the certificate's common name.  When challenging users in a workflow using an AD authentication server, that is merely authorizing the user to be issued a cert... and that is the extent of AD's role.  Subsequent connections are authenticated with the cert, and not AD at all. (in EAP-TLS use case, anyway...)