SCEP Server in IGEL OS 12
This article describes the settings required for a SCEP server in IGEL OS.
Menu path: Network > SCEP Client (NDES) > SCEP Server
Â
Because of the need to enter a fingerprint (CA root certificate) and the Challenge password (SCEP server), the configuration process is somewhat complicated. Ideally, it should be set up in the UMS as a profile and distributed to the devices. For more information, see Universal Management Suite > IGEL UMS Web App > Configuration - Centralized Management of Device Settings in the IGEL UMS Web App > How to Create and Assign Profiles in the IGEL UMS Web App.
At the same time, the certificate cannot yet be used for communication purposes.
Â
SCEP server URL
Address of the SCEP server.
Examples:
http://myserver.mydomain.com/certsrv/mscep/mscep.dllÂ
(Windows Server 2019)http://myserver.mydomain.com/certsrv/mscep
 (before Windows Server 2019)
Â
Proxy server for SCEP requests
Proxy server in the format host:port
. If this field is empty, no proxy will be used.
Challenge password
Password for queries
Â
Certificate renewal period (days)
Time interval before certificate expiry after which the certificate renewal procedure is started. (Default:Â 30)
Â
Certificate expiry check interval (days)
Specifies how often the certificate is checked against its expiry date. (Default:Â 1)
As an example, a certificate is valid until 31.12. of a year. If the period for renewal is set to 10 days, a new certificate will be requested for the first time on 21.12. of the same year.