Kandji MDM SCEP/EAP-TLS

1. Go to the library
2. Create a new "WiFi Profile"
3. Assign it to the proper blueprint
4. Make settings as below. Anything not mentioned, leave as the default.

Service Set Identifier: this must match your network's SSID name exactly.
Authentication Type: WPA2 Enterprise
Accepted EAP Types: TLS
Username (optional): leave blank
Identity certificate: SCEP

SCEP Configuration:

• URL: (from Foxpass's SCEP page)
• Name: (leave blank)
• Challenge: (from Foxpass's SCEP page)
• Fingerprint: (leave blank)
• Subject: CN=$EMAIL
• Specify Subject Alternative Names (SAN):
  • SAN Type: RFC 822 Name: $EMAIL
• Key Size: 2048
• Key Usage: None
• Automatic profile redistribution: Yes

Certificate Trust: select "Specify trusted certificates".
Upload the Server Certificate Authority that you download from from Foxpass's SCEP page

That's it!