This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I am evaluating Intune Cloud PKI solution and I want to test the certification usage with IIS build on Windows Server. The Server is not member of Active Directory, so I downloaded Root and Issuing certificates as files and imported them into the Windows Server. The problem is, when I try to add IIS binding for https, and selecting certificate, that certificates from Intune Root and Issuing are not viewed. Also when I created Root CA, I didn't see Web server purpose. Only Client and Server.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Pavel yannara Mirochnitchenko, Thanks for posting in Q&A. In Fact, Microsoft Cloud PKI to issue certificates for Intune-managed devices.
https://video2.skills-academy.com/en-us/mem/intune/protect/microsoft-cloud-pki-overview
Currently, windows server cannot managed by Intune yet. So we can't deploy certificate to windows web server yet.
https://video2.skills-academy.com/en-us/mem/intune/fundamentals/supported-devices-browsers
Meanwhile, For the web server certificate which is used to enables secure communication between a web server and a web browser. The subject name needs to be the web server name or the name you used to publish out. Root CA and Issuing CA certificate is used to validate the certificate you request from the CA is valid. And it can't be used to bind with https.
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thank you. This IIS scenario was only a test to validate certification functionality in real example and I see now that this cannot be done. But how about the real need with WIFI Access Points and their cert requirements? Does Cloud PKI already adress this need?
@Pavel yannara Mirochnitchenko, Thanks for the reply. For WiFI, based on my researching, currently Cloud PKI can support the **RADIUSaaS **which is also cloud service. Here is a link with more details.
Note: Non-microsoft link, just for the reference.