Updated Network Device Enrollment Service (aka SCEP) white paper

I have just updated this paper. Here is the latest draft: https://go.microsoft.com/fwlink/?LinkID=93875. In this paper, we cover Network Device Enrollment Service that allows certificate enrollment through the Simple Certificate Enrollment Protocol (https://tools.ietf.org/html/draft-nourse-scep-19). Specifically in this update, we’ve documented new functionality that allows for a single password mode and renewal based on an existing certificate.

 Alex Radutskiy

Program Manager, Windows Security

Comments

• Anonymous
  January 01, 2003
  Hello Alex, I've just implemented the NDES in an infrastructure. I got /CertSrv/mscep and /CertSrv/mscep_admin working great. I then wanted to follow the advise about enabling SSL on these webpages. This works file, yet the /Cert/mscep page still talks about the redirection to the mscep_admin page usingHTTP://ndes-srv/CertSrv/mscep_admin and notHTTPS://ndes-srv.domain.com/CertSrv/mscep_admin I've searched the registry, IIS GUI settings and the InetSrv applicationHost.config file to modify this behaviour without success. Any idea where to look for this redirection settings ? Thanks for any pointers, Erik Bussink

• Anonymous
  August 11, 2015
  How can I configure SSL for just the mscep_admin page and correct the link in the mscep page to show https?