SCEP support in Certificate Manager
This article is valid for Certificate Manager 8.5 and later.
This article describes the support for the Simple Certificate Enrollment Protocol (SCEP) in Smart ID Certificate Manager via Protocol Gateway. SCEP is a protocol for handling certificates in large-scale deployments to everyday users.
The Certificate Manager SCEP service is used to enroll end-entity certificates on request from hardware components, such as routers and firewalls. The SCEP service is compliant with the Internet Draft draft-nourse-scep-23. For more information, see Internet draft - Simple Certificate Enrollment Protocol.
Protocol Gateway provides security by supporting the SCEP security features, the device registration procedure, and a unique feature for verifying signed SCEP requests, which is useful with device management solutions. For more details on the SCEP implementation, see Notes on SCEP implementation in Certificate Manager.
Example configuration
For more information, see Example: SCEP configuration in Protocol Gateway.
SCEP Intune support
Certificate Manager can be used as a third-party CA with Microsoft Intune to issue and validate certificates using Simple Certificate Enrollment Protocol (SCEP). Certificate Manager supports SCEP Intune with Microsoft Azure for all SCEP Intune certified devices. For more information, see Example: SCEP Intune configuration in Protocol Gateway.
For each configured Intune handler, a revocation polling thread is started that periodically attempts to retrieve revocation data from Intune, if available. For a list of the types of actions that cause SCEP-issued certificates to be revoked, see https://docs.microsoft.com/en-us/mem/intune/protect/remove-certificates.
SCEP NDES support
Certificate Manager supports SCEP with static and dynamic challenge passwords. SCEP with dynamic challenge passwords complies with Microsoft's Network Device Enrollment Service (NDES) implementation.
Request certificate via SCEP and Protocol Gateway
Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.