Identifying Issued SCEP Certificates for iOS Enrollment

Article:TECH201445  |  Created: 2013-01-08  |  Updated: 2013-01-08  |  Article URL
Article Type
Technical Solution



During typical iOS Device enrollment, SCEP certificates are issued to iOS devices with a generic subject. The serial number of the certificate will be unique but not easy to identify for a specific device or user.


Symantec Mobile Management for Configuration Manager 7.x


The NDES requests a unique certificate but only the serial number differentiates the certificates. The serial number is not a convenient way to trace the certificate to the device.


In MMCM 7.x, you can use a variable in the SCEP configuration. Authentication must be enabled for this variable to work.

  1. In the iOS side of the Configuration Editor, open your SCEP configuration.
  2. In the Subject field, change the text to: CN={USERNAME}
  3. Save the configuration.
  4. Re-enroll your iOS device.
  5. Examine the CA issued certificates list and check the Issued Common Name.

Article URL

Terms of use for this information are found in Legal Notices