Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This article describes the support for the Nexus Nexus Windows Enrollment Proxy (WinEP) in Nexus Certificate Manager.

Nexus Windows Enrollment Proxy (WinEP) facilitates enrollment to Microsoft Windows clients through native protocols. 

WinEP requires the WinEP service as well as the WinEP Protocol Gateway servlet, both from Nexus. Information regarding installation, configuration and usage of the WinEP service can be found in the Certificate Manager WinEP documentation

Clients connected to the network enroll for certificates with a native Windows enrollment client. The enrollment client will ask the Active Directory where a certain Certificate Template is supposed to enroll for certificates. The client then communicates, via Distributed Component Object Model (DCOM), with the host on which the Certificate Template is enrolling, in this case of the WinEP service. The WinEP service then communicates over two-way TLS with the WinEP servlet in Protocol Gateway, which in turn talks to the Certificate Manager (CM) backend to issue the certificate.