Skip to main content
Cisco Meraki Documentation

Certificates in Meraki Systems Manager


There are various certificates in Meraki Systems Manager. This documentation will show the purpose of each certificate with information. 

Note: This information is for Meraki system/administrator certificates. To deploy certificates on Systems Manager managed devices see here

Meraki Root SCEP CA

CN=SCEP CA for {orgName}, OU={orgId}

Validity: 10 years

Every Meraki Organization with a SM network has its own unique SCEP root certificate authority in Org > MDM > SCEP CA. This is valid for 10 years. Admins can optionally add Meraki SCEP CA to an existing certificate chain. This certificate is used to securely generate client private keys on SM enrolled devices for security, such as secure EAP-TLS automatic Wi-Fi connections to Meraki MR SSIDs for SM enrolled devices with Sentry Wi-Fi. 

Meraki Dashboard SSL


Validity: 1 year

Renewed yearly ~1 week prior to expiration. Can be download from any web browser when it is live by inspecting the secure https certificate. 


Meraki Radius

Validity: 1 year

Renewed yearly ~1 month prior to expiration. Can be obtained from prior to expiration by searching "radius certificate rotation". This certificate is used for Meraki Cloud Authentication, such as Sentry Wi-Fi and Trusted Access. 

Apple Push Notification Service (APNS) 

Validity: 1 year

This certificate is required for Apple devices to enroll into Meraki Systems Manager. For more information, please review the documentation