Hi,
I’m trying to use SCEP to import a certificate from a Microsoft CA, the certificate will be used for EAP-TLS. I’m struggling to understand the process and have some concerns that it might not work due to some known issues that I’ve read on the forum. Here’s what I’ve tried so far:
- Copied then installed the root and issuing CA certificates to Mikrotik device (the device doesn’t recognize the cert as a CA cert for some reason)
- Created a certificate template (I’ve not signed it, does SCEP take care of that?)
- Created a certificate request using template and challenge passphrase provided by MS CA
- Added a SCEP-RA referencing the MS CA server and the template and hit apply
When debugging the certificate process on Mikrotik I see that it receives two certificates from the MS CA then it fails and shortly after.
Has anyone gotten this process working with MS CA, could you kindly share any processes, or highlight where I have made a mistake above.
Thanks
Pete.