When you configure CBA (Certificate Based Authentication), you can receive the following error:
“The configuration does not support client certificate authentication. Contact your helpdesk for additional information” when enrolling iOS devices.
Here after the solution:
Symptoms or Error
Android devices are able to enroll but iOS devices tested with the same users fail with the above error after authenticating
Solution
Remove the “Shared device enroller” RBAC permission for any user group within the RBAC group
Note: This permission should not be enabled for Certificate based authentication configured environments
Problem Cause
“Shared devices enroller” RBAC permission was configured for users
Note: My test has been done with MAM-Only Mode for XMS, for the same customer I have the RBAC configured on another environment MDM+MAM and CBA and no issue appear, so I suppose that this issue is for MAM-Only Mode
