SOTI Pulse Logo

FQHN/DNS-name as "Alternative Subject" in the certificate

H
Hauke
ArianeGroup GmbH

To log on to the WiFi via 802.1x we need the FQHN/DNS-name in the certificate we generate and deploy via MobiControl. All previous attempts have resulted in error messages within MobiControl ("Exception: Value does not fall within the expected range."). Does anyone here have any experience?

Certificate Type: Generic SCEP
SOTI MobiControl 15.6.4

The documentation refers to a selection list and a gear icon. However, these do not exist in "Generic SCEP". At least "ADCS + Configuration Type SCEP" has both. Unfortunately, the selection does not help us here.

The manual variant "%DEVICENAME%.PART.COMPANY.DE" runs into the described error within MobiControl. 

https://www.soti.net/mc/help/v15.6/en/console/reference/dialogs/globalsettings/certificates/certificate_san.html?hl=alternative%2Csubject

Thanks for any ideas or tips.

fqhn scep certificate 802.1x dns-name
a year ago
SOTI MobiControl
ANSWERS
RS
Rafael Schäfer
a year ago

If i look into ADCS + SCEP and go to certificate templates and add subject (alternative) names, i have the gear with the mentioned macros listed, where do you look for them (which option)?

H
Hauke
a year ago

As written, we need the FQHN/DNS-name. The result should be something like "devicename.part.company.de".

We use "Generic SCEP", here is no options or a gear icon at all, just a textfield.

Under "ADCS + SCEP", where I don't know if this also works with the customer's CA, there are a few options, but none with FQHN/DNS-name.

RS
Rafael Schäfer
a year ago

Checked it and true, for the Subject name you have a gear and seem to be able to use macros but not for the alternative.
So, i assume in this regard it's not supported.

Maybe there's a reason, i recommend in this regard to contact Soti about it directly maybe you need to raise a feature request for it.
But feature requests (if they agree to it) need time to implement, so i assume you won't get a fast solution if no one else here knows more.

P
PMMOD@SOTI
a year ago

Hi Hauke,

Apologies for the delay in response. Thank you for your post on SOTI Pulse

I would like you to create a support case (click here) or call the SOTI Support team (click here)  to gain a better understanding of the issue. We can then determine whether to raise a Feature Request or troubleshoot to fix the issue.

Please let us know so we can proceed further accordingly.

Similar Discussions