You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/protect/certificates-pfx-configure.md
+3-34Lines changed: 3 additions & 34 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -128,37 +128,6 @@ To authenticate a device with VPN, WiFi, or other resources, a device needs a ro
128
128
129
129
For guidance, see [Install and configure the Certificate Connector for Microsoft Intune](certificate-connector-install.md).
130
130
131
-
<!-- Remainder is deprecated content, now covered by the install of the new certificate connector>
132
-
133
-
Before you begin, [review requirements for the connector](certificate-connectors.md) and ensure your environment and your Windows server is ready to support the connector.
134
-
135
-
1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
3. Select *Download the certificate connector software* for the connector for PKCS #12, and save the file to a location you can access from the server where you're going to install the connector.
4. After the download completes, sign in to the server and run the installer (PfxCertificateConnectorBootstrapper.exe).
144
-
- When you accept the default installation location, the connector installs to `Program Files\Microsoft Intune\PFXCertificateConnector`.
145
-
- The connector service runs under the local system account. If a proxy is required for internet access, confirm that the local service account can access the proxy settings on the server.
146
-
147
-
5. The PFX Certificate Connector for Microsoft Intune opens the **Enrollment** tab after installation. To enable the connection to Intune, **Sign In**, and enter an account with Azure global administrator or Intune administrator permissions. This account must have a license for Intune.
148
-
149
-
> [!WARNING]
150
-
> By default, in Windows Server **IE Enhanced Security Configuration** is set to **On** which can cause issues with the sign-in to Office 365.
151
-
152
-
6. Select the **CA Account** tab, and then enter credentials for an account that has the Issue and Manage Certificates permission on your issuing Certificate Authority. These credentials will be used to perform certificate issuance and certificate revocation on the Certificate Authority. (Prior to the PFX certificate connector version 6.2008.60.612, these credentials were used only for certificate revocation.)
153
-
154
-
**Apply** your changes.
155
-
156
-
7. Close the window.
157
-
158
-
8. In the Microsoft Endpoint Manager admin center, go back to **Tenant administration** > **Connectors and tokens** > **Certificate connectors**. In a few moments, a green check mark appears and the connection status updates. The connector server can now communicate with Intune.
159
-
160
-
-->
161
-
162
131
## Create a trusted certificate profile
163
132
164
133
1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
@@ -197,8 +166,8 @@ Before you begin, [review requirements for the connector](certificate-connectors
197
166
198
167
9. In **Assignments**, select the user or device group(s) that will be assigned the profile. For more granularity, see [Create filters in Microsoft Intune](https://go.microsoft.com/fwlink/?linkid=2150376) and apply them by selecting *Edit filter*.
199
168
200
-
Plan to deploy this certificate profile to the same groups that receive the PKCS certificate profile, and that receive a configuration profiles like a Wi-Fi profiles that makes use of this certificate. For more information on assigning profiles, see [Assign user and device profiles](../configuration/device-profile-assign.md).
201
-
169
+
Plan to deploy this certificate profile to the same groups that receive the PKCS certificate profileconfiguration profiles like a Wi-Fi profile that makes use of the certificate. For more information on assigning profiles, see [Assign user and device profiles](../configuration/device-profile-assign.md).
170
+
202
171
Select **Next**.
203
172
204
173
10. (*Applies to Windows 10/11 only*) In **Applicability Rules**, specify applicability rules to refine the assignment of this profile. You can choose to assign or not assign the profile based on the OS edition or version of a device.
@@ -259,7 +228,7 @@ Before you begin, [review requirements for the connector](certificate-connectors
259
228
260
229
8. Select **Next**.
261
230
262
-
9. In **Assignments**, select the user or groups that will receive your profile. Plan to deploy this certificate profile to the same groups that receive the trusted certificate profile. For more information on assigning profiles, see [Assign user and device profiles](../configuration/device-profile-assign.md).
231
+
9. In **Assignments**, select the user or groups that will receive your profile. Plan to deploy this certificate profile to the same groups that receive the trusted certificate profile, and that receive a configuration profile like a Wi-Fi profile that makes use of the certificate. For more information on assigning profiles, see [Assign user and device profiles](../configuration/device-profile-assign.md).
0 commit comments