Yes, but SCEP needs the “key encipherment” and “certificate signing” as key usage. If your existing PKI cannot create such a certificate it won’t work. Our recommendation is that you create a SCEPman instance and test this scenario.
To use such a intermediate root just switch the certificate in the Azure Key Vault and update two application settings in your app service.
AppConfig:KeyVaultConfig:RootCertificateConfig:CertificateName
AppConfig:KeyVaultConfig:RootCertificateConfig:Subject
Comments
0 comments
Article is closed for comments.