I have just updated this paper. Here is the latest draft: http://go.microsoft.com/fwlink/?LinkID=93875. In this paper, we cover Network Device Enrollment Service that allows certificate enrollment through the Simple Certificate Enrollment Protocol (http://tools.ietf.org/html/draft-nourse-scep-19). Specifically in this update, we’ve documented new functionality that allows for a single password mode and renewal based on an existing certificate.
Program Manager, Windows Security
I've just implemented the NDES in an infrastructure. I got /CertSrv/mscep and /CertSrv/mscep_admin working great.
I then wanted to follow the advise about enabling SSL on these webpages. This works file, yet the /Cert/mscep page still talks about the redirection to the mscep_admin page using HTTP://ndes-srv/CertSrv/mscep_admin and not HTTPS://ndes-srv.domain.com/CertSrv/mscep_admin
I've searched the registry, IIS GUI settings and the InetSrv applicationHost.config file to modify this behaviour without success. Any idea where to look for this redirection settings ?
Thanks for any pointers,