Onboard a macOS device to a wired network with certificates
In this topic, you will learn how to onboard using certificates, the self-onboarding portal, a macOS computer, and a wired network managed by Portnox™ Cloud.
To onboard to a network using a certificate, you need to generate, download, and install the configuration profile. In macOS, all network configurations for 802.1X authentication are managed using profiles.
Download and install the certificate configuration profile
In this section, you will generate, download, and install the certificate configuration profile on your device.
-
Enter the URL of the self-onboarding portal in your browser.
To learn how to set up the self-onboarding portal and obtain the URL, see the following topic: Set up the self-onboarding portal.
-
In Step 1, select the third option: CLEAR account certificate management
and click on the Next button.
- In Step 2, you can select the Corporate email address option or the Corporate username and password option. Select the Corporate email address option if Portnox Cloud manages your user repository. Select the Corporate username and password option if you have integrated Cloud with an external repository. Proceed with the following steps depending on your choice.
-
If you have chosen Corporate email address:
Important: Only choose the Corporate email address option if Portnox Cloud manages your user repository. Cloud manages the user repository if it’s not integrated with any external repositories such as Microsoft Azure (Entra ID), Google Workspace, or Okta Workforce Identity.
-
If you have chosen Corporate username and password:
-
Click on the OBTAIN CERTIFICATE button to download the user certificate profile generated for
your device.
Note: If you want to replace a certificate you created earlier, for example, because the old one expires soon, click on the REISSUE CERTIFICATE button instead.
-
Install the downloaded certificate configuration profile.
Result: You downloaded and installed the certificate.
Download and install the connection configuration profile
In this section, you will use the self-onboarding portal to generate a configuration profile that configures your network for you.
- Go back to Step 1 of the self-onboarding portal by clicking on the Back link.
-
In Step 1, select the second option: CLEAR account activation and Device
provisioning and click on the Next button.
Important: The wired network in the group that the account belongs to must be configured for EAP-TLS authentication. For more information, see the following topic: Advanced network configuration.
- Follow the same steps as above to authenticate using your corporate email or corporate username and password.
-
Click on the tile in the Wired Enrollment Profile section that represents the macOS operating
system to download the configuration profile.
-
Install the downloaded configuration profile.
macOS configures the network settings for the wired network configured in your Portnox Cloud group.
Result: Your macOS computer is connected to a wired network managed by Portnox Cloud.
Troubleshooting information: See the following topic: How to troubleshoot typical device onboarding issues.