From Wikipedia: Simple Certificate Enrollment Protocol:
Simple Certificate Enrollment Protocol (SCEP) is an Internet Draft in the Internet Engineering Task Force (IETF). This protocol is used by numerous manufacturers of network equipment and software who are developing simplified means of handling certificates for large-scale implementation to everyday users, as well as being referenced in other industry standards.
The protocol is designed to make the issuing of digital certificates as scalable as possible. The idea is that any standard network user should be able to request their digital certificate electronically and as simply as possible. These processes have usually required intensive input from network administrators, and so have not been suited to large-scale deployments. ...
The SCEP protocol is drafted in draft-gutmann-scep-14.
Within Microsoft Intune SCEP is used to enroll device certificates to Windows, MacOS, iOS and Android devices. The documentation can be found here.
Originally Microsoft provided SCEP with it's own Windows Server Certificate Authority but Microsoft beside the fact that such an installation needs heavy design and configuration planning and even more investments in operations, Microsoft still relies on on-premises server and domain pre-requisites.
In a cloud-focused Microsoft 365 environment with AzureAD and Intune this journey into the past of legacy domain systems makes no sense. SCEPman closes this gab and provides an Azure based, cloud-approach to SCEP.
Official support of SCEPman for Intune is documented here.
Comments
0 comments
Please sign in to leave a comment.