Windows PKI blog

News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals

Updated Network Device Enrollment Service (aka SCEP) white paper

Updated Network Device Enrollment Service (aka SCEP) white paper

  • Comments 1
  • Likes

I have just updated this paper. Here is the latest draft: http://go.microsoft.com/fwlink/?LinkID=93875. In this paper, we cover Network Device Enrollment Service that allows certificate enrollment through the Simple Certificate Enrollment Protocol (http://tools.ietf.org/html/draft-nourse-scep-19). Specifically in this update, we’ve documented new functionality that allows for a single password mode and renewal based on an existing certificate.

 Alex Radutskiy

Program Manager, Windows Security

Comments
  • Hello Alex,

    I've just implemented the NDES in an infrastructure. I got /CertSrv/mscep and /CertSrv/mscep_admin working great.

    I then wanted to follow the advise about enabling SSL on these webpages. This works file, yet the /Cert/mscep page still talks about the redirection to the mscep_admin page using HTTP://ndes-srv/CertSrv/mscep_admin and not HTTPS://ndes-srv.domain.com/CertSrv/mscep_admin

    I've searched the registry, IIS GUI settings and the InetSrv applicationHost.config file to modify this behaviour without success. Any idea where to look for this redirection settings ?

    Thanks for any pointers,

    Erik Bussink

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment