Certificates in Meraki Systems Manager
Overview
There are various certificates in Meraki Systems Manager. This documentation will show the purpose of each certificate with information.
Note: This information is for Meraki system/administrator certificates. To deploy certificates on Systems Manager managed devices see here.
Meraki Root SCEP CA
CN=SCEP CA for {orgName}, OU={orgId}
Validity: 10 years
Every Meraki Organization with a SM network has its own unique SCEP root certificate authority in Org > MDM > SCEP CA. This is valid for 10 years. Admins can optionally add Meraki SCEP CA to an existing certificate chain. This certificate is used to securely generate client private keys on SM enrolled devices for security, such as secure EAP-TLS automatic Wi-Fi connections to Meraki MR SSIDs for SM enrolled devices with Sentry Wi-Fi.
Meraki Dashboard SSL
Validity: 1 year
Renewed yearly ~1 week prior to expiration. Can be download from any web browser when it is live by inspecting the secure https certificate.
Meraki Radius
Validity: 1 year
Renewed yearly ~1 month prior to expiration. Can be obtained from documentation.meraki.com prior to expiration by searching "radius certificate rotation". This certificate is used for Meraki Cloud Authentication, such as Sentry Wi-Fi and Trusted Access.
Apple Push Notification Service (APNS)
Validity: 1 year
This certificate is required for Apple devices to enroll into Meraki Systems Manager. For more information, please review the documentation.