Cortado Mobile Solutions

My Tickets
Welcome
Login

How to include a SCEP server

During the MDM configuration,  a certificate authority that uses the Simple Certificate Enrollment Protocol (SCEP) was established. This ensures that certificates for those mobile devices managed with Mobile Device Man­agement are requested and issued automatically. You can use these self-generated certificates for a proof of concept.

Use self-generated certificates

Use SCEP server

Use self-generated certificates

If you want to use this self-generated certificates, then you don’t need to make any further changes to the settings in the Management Console.

These correspond to the default settings under: Control Panel→ Global Settings→ MDM→ Configure→ SCEP Server→ Use self cre­ated certificates (arrow in illus.).

using self-generated certificates

Use SCEP server

However, for a production environment, we recommend using a separate SCEP server.

  • In the management console select: Control Panel→ Global Settings→ MDM→ Configure→ SCEP Server→ Use SCEP server.

enter SCEP server in the management console

  •  SCEP server URL: Enter here the URL for mscep.dll in the newly installed SCEP server: http:// SCEP_server_address / certsrv / mscep / mscep.dll (example for Microsoft SCEP server: http:// 192.168.149.51 / certsrv / mscep / mscep.dll)
  •  SCEP server challenge URL: Enter here the URL, from which the challenge password will be read: http://< SCEP_server_address>/certsrv/mscep_admin (example: http://192.168.149.51/certsrv/mscep_admin)
  •  SCEP server challenge pattern: This is the search pattern for reading the challenge password. With Windows SCEP servers keep the default value.
  •  SCEP issuer thumbprint: This is the SCEP server’s CA certificate thumbprint – necessary for Android MDM.
  • Confirm with OK.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.