Intune Integration Kit

Creating certificate profiles in Intune

To complete the configuration, import the certificate authority (CA) root certificate into PingFederate, and configure trusted certificate and SCEP profiles in Intune.

About this task

For general information, see the following sections of the Microsoft documentation:

Steps

  1. In PingFederate, import the root certificate from your CA into the global trust list. For instructions, see Managing trusted certificate authorities in the PingFederate documentation.

  2. Sign on to Microsoft Azure as an administrator.

  3. Follow the steps in Create trusted certificate profiles in the Microsoft documentation.

  4. Follow the steps in Create and assign SCEP certificate profiles in Intune in the Microsoft documentation, with the following details:

    1. On the Configuration settings tab, from the Certificate type list, select User.

    2. If you want to get the security posture for all of the user’s devices, from the Subject name format list, select Common name. From the Subject alternative name list, select User principal name (UPN).

    3. If you want to get the security posture for the user’s current device only, from the Subject name format list, select Custom. In the Custom field, modify the value to include CN={{AAD_Device_ID}}}.