Finally we need to allow the server to manage certificates - open the CA properties and add the computer account of the server that will host the connector, with Issue and Manage Certificates and Request Certificates permissions.Back in the Certification Authority console, right click on Certificate Templates and pick New > Certificate Template to issue.Click Apply to save the template, then close the console. On the Security tab, add the computer account of the server you will be using for the Intune connector, with Read and Enroll permissions.On the Extensions tab, under Application Policies, make sure that there are three entries - Client Authentication, Secure Email and Encrypting File System.On the Subject Name tab, make sure you selected Supply in the request.On the Cryptography tab, make sure the minimum key size is 2048.
#RIGHT CLICK KSP MAC INSTALL#
This is required so that the the Intune connector can install the private key onto the end user device. On the Request Handling tab, tick Allow private key to be exported.