Appendix D. Using a Cisco IOS Certificate Authority for BYOD Onboarding

This appendix shows an alternative for environments that do not have a production Certificate Authority (CA), such as the MS Certificate Authority for a proof of concept, or very small pilot. Cisco IOS on the Integrated Services Router (ISR) is capable of acting as a CA and supports SCEP with the ability to automatically issue the certificate. This works for many devices and should be sufficient for many proof of concept setups. See the section, “Important Notes,” at the end of this appendix for information on some devices that may fail the certificate provisioning process.

For this appendix, a dedicated ISR has been set up to act as a CA. Figure D-1 displays the example ...

Get Cisco ISE for BYOD and Secure Unified Access now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.