The Simple Certificate Enrolment Protocol (SCEP) is a protocol used for enrolment and other PKI operations.


There are two tabs displayed in this section:


  1. SCEP
  2. Microsoft Intune SCEP 


SCEP



SCEP

Field

Description 

Challenge Type 

The challenge can be one of the following:


  • None - SCEP server will not authenticate the device request with a challenge password.
  • Fixed - The device has requested the SCEP server for a certificate (including a password challenge), the SCEP server then validates the password and will issue this certificate. When "Fixed" is selected, the challenge password is used for each device request.
  • Random - The device has requested the SCEP server for a certificate (including a password challenge), the SCEP server then validates the password and will issue this certificate. When "Random" is selected, each request will contain a different challenge password.

SCEP URL 

Once you select the challenge type, a URL will be generated. This URL is required when managing certificate using SCEP, e.g [Server URL]/scep.


Microsoft Intune SCEP 



Microsoft Intune SCEP

Field

Description 

SCEP CA Certificate 

SCEP CA certificate is used for encryption and decryption of certificate requests. You can download to view the SCEP CA certificate details. 

HTTPS SCEP URL 

This URL is set in the configurations and is required when managing certificates using Microsoft Intune SCEP Certificate, e.g [Server URL]/scep.