This article describes the settings required for a SCEP server in IGEL OS.
...
Menu path: Network > SCEP Client (NDES) > SCEP Server
...
| Info |
|---|
Because of the need to enter a fingerprint (CA root certificate) and |
...
the Challenge |
...
password (SCEP server), the configuration process is somewhat complicated. Ideally, it should be set up in the UMS as a profile and distributed to the devices. For more information, see Universal Management Suite > IGEL UMS Web App > Configuration - Centralized Management of Device Settings in the IGEL UMS Web App > How to Create and Assign Profiles in the IGEL UMS Web App. |
SCEP server URL
Address of the SCEP server.
Examples:
http://myserver.mydomain.com/certsrv/mscep/mscep.dll dll(Windows Server 2019)http://myserver.mydomain.com/certsrv/mscep(before Windows Server 2019)
Proxy server for SCEP requests
Proxy server in the
...
format host:port. If this field is empty, no proxy will be used.
Challenge password
Password for queries
Certificate renewal period (days)
Time interval before certificate expiry after which the certificate renewal procedure is started. (Default:
...
30)
Certificate expiry check interval (days)
Specifies how often the certificate is checked against its expiry date. (Default:
...
1)
| Info |
|---|
As an example, a certificate is valid until 31.12. of a year. If the period for renewal is set to 10 days, a new certificate will be requested for the first time on 21.12. of the same year. |