Generic SCEP
This document provides information regarding the configuration of the KMES Series 3 to enable SCEP connections from third-party applications. For additional questions about your KMES Series 3 device, see the relevant administrator’s guide.
The Simple Certificate Enrollment Protocol (SCEP) is a certificate management protocol that helps with automatic certificate issuing. SCEP standardizes a certificate exchange with a CA by using a URL and a shared secret. Many certificate use cases, such as Mobile Device Management (MDM), use SCEP to enable the automatic enrollment of laptops, tablets, smartphones, and many other mobile devices.
This document covers the following steps for integrating SCEP and the KMES Series 3:
- Create TLS certificates for the connection between the SCEP client and the KMES Series 3.
- Generate and sign the SCEP client certificate
- Generate and sign the SCEP server connection pair certificate
- SCEP Authentication Mechanisms.
- Username and password
- TLS certificate
- Test the SCEP client and the KMES Series 3 connection and authentication.
After you complete the preceding steps, SCEP transactions can occur.
The process for configuring the TLS certificates in the SCEP client varies between the different SCEP clients. This guide describes the standardized process for registering the TLS certificates on the KMES Series 3.