I too would be interested in AOVPN user certificates via Cloud PKI: is it best to deploy these as shown in this video with BYOCA which has been signed on the domain controller, or is it better to not use BYOCA but create a Cloud PKI root CA which is then added to the NTAuthCA store on the DC? I can't see much information on the relative merits.
You have done a number of Cloud PKI videos. Much appreciated. Can you try one for AOVPN that currently uses an on-prem server for certificates? Would like to transfer or lift that process to a cloud-only certificate. Hope I explained that correctly.
Sure! If you don't mind, please head to our Discord server at discord.gg/getrubix and add your request to the "recommendations" channel so we don't miss it!
If we do this, will we be able to deploy Wi-Fi certificates to Intune machines, and will those certificates directly work with our ClearPass RADIUS solution, which we are already using with our on-prem CA?
Yes, you can deploy to Intune machines, but whether it will work with your RADIUS solution will need to be tested. Most likely it will need user auth since the device will not be on the domain.
We are using Azure AD and wanted to use BYOCA for Intune Cloud PKI. Will this be the same process for it too, as we do not have any on-prem AD?
If you do not have on-prem AD, there is no reason to BYOCA. Just use the built-in Cloud PKI CA.