Skip to main content
Skip table of contents

Using WPA Enterprise / WPA2 Enterprise with TLS Client Certificates

This document describes how to use UMS to configure Wi-Fi connections on IGEL OS with WPA Enterprise / WPA2 Enterprise and TLS client certificates.

There are two options for supplying client certificates and keys to devices:

Via SCEP (NDES)

SCEP allows the automatic provisioning of client certificates via an SCEP server and a certification authority (CA).

Learn how to configure it, using How-To Certificate Enrollment and Renewal with SCEP (NDES).

Via Files Served from UMS

You need:

  • a client certificate in PEM (base64) format
  • a client private key (needs to be passphrase-protected) in PEM (base64) format

Alternatively,

  • a PKCS#12 file containing both client certificate and private key (needs to be passphrase-protected).
In both cases, SCEP and files from UMS, the device needs to have a working Ethernet or Wi-Fi connection to the SCEP server or the UMS first, so that it can fetch the necessary certificates before it can connect to the target Wi-Fi.

How to Deploy Client Certificates and Keys
How to Configure the Network Interface

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close