Things have definitely got better for us but I have just found a problem device running iOS 18.1. Not sure what has made it better as we had
a version of our MDM where Allow Pairing was always set to false so we had to wipe and DEP enrol some devices again
Sequoia uplift
Xcode 16 uplift
Sorry can't be of more help
slider42
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for
Post
Replies
Boosts
Views
Activity
There is a discussion at
https://macadmins.slack.com/archives/C5238RU9X/p1732187435343649
that covers most of this issue. It doesn't explicitly say why a different non-identity cert payload isn't used and also if I navigate to the enterprise application path in Safari it prompts me to use the Device Identity cert for client authentication and then server the page