Using the Certificate Management Server
Avalanche Certificate Manager enables you to use EAP-TLS wireless security and distribute unique TLS user certificates based upon the serial number of enrolled AIDC devices without using individual domain credentials. The Certificate Manager provides an extra layer of security between devices and the server but is not required.
The following procedure is an overview. Detailed instructions can be found here: Certificate Manager Implementation Guide.
To set up the Certificate Manager
1.Add the Active Directory role.
2.Add the Active Directory Certificate Services.
3.Configure IIS to use SSL.
4.Configure WLAN Controller or Access Point.
5.Add Network Policy Server Role.
6.Create RADIUS Computer Certificate.
7.Configure Windows RADIUS Service.
8.Configure Network Policy.
9.Add Network Device Enrollment Service (NDES) Role.
10.Configure Certificate Authority for SCEP.
11.Implement Avalanche with the Certificate Manager plugin.
12.Configure the Certificate Management Server.
13.Configure the SCEP Server to automatically issue certificates.
For help setting up the Certificate Manager contact Ivanti Support.
For more information on enabling certificate management after set up, see Enabling the Certificate Management Server.