This document describes how to use UMS to configure WiFi connections on IGEL OS with WPA Enterprise / WPA2 Enterprise and TLS client certificates.
There are two options for supplying client certificates and keys to endpoint devices:
Via SCEP (NDES)
SCEP allows the automatic provisioning of client certificates via an SCEP server and a certification authority (CA).
Via Files Served from UMS
- a client certificate in PEM (base64) format
- a client private key (needs to be passphrase-protected) in PEM (base64) format
- a PKCS#12 file containing both client certificate and private key (needs to be passphrase-protected).In both cases, SCEP and files from UMS, the device needs to have a working Ethernet or WiFi connection to the SCEP server or the UMS first, so that it can fetch the necessary certificates, before it can connect to the target WiFi.