Identifying Issued SCEP Certificates for iOS Enrollment


Article ID: 157532


Updated On:


Mobile Management


During typical iOS Device enrollment, SCEP certificates are issued to iOS devices with a generic subject. The serial number of the certificate will be unique but not easy to identify for a specific device or user.


The NDES requests a unique certificate but only the serial number differentiates the certificates. The serial number is not a convenient way to trace the certificate to the device.


In MMCM 7.x, you can use a variable in the SCEP configuration. Authentication must be enabled for this variable to work.

  1. In the iOS side of the Configuration Editor, open your SCEP configuration.
  2. In the Subject field, change the text to: CN={USERNAME}
  3. Save the configuration.
  4. Re-enroll your iOS device.
  5. Examine the CA issued certificates list and check the Issued Common Name.

Applies To

Symantec Mobile Management for Configuration Manager 7.x