Skip to main content
Skip table of contents

SCEP Client (NDES) in IGEL OS 12

SCEP allows the automatic provision of client certificates via an SCEP server and a certification authority. This type of certificate is automatically renewed before it expires and can be used for purposes such as network authentication (e.g. IEEE 802.1x). This article shows how to configure SCEP certificate management in IGEL OS.

The SCEP configuration process is quite complex, for example, you need to enter the CA certificate fingerprint (under Certification Authority) and the Challenge password (under SCEP server). To save time and effort, we recommend you to set up SCEP in the IGEL Universal Management Suite (UMS) as a profile and distribute it to the devices. For more information, see How to Create and Assign Profiles in the IGEL UMS Web App.

Menu path: Network > SCEP Client (NDES)

image-20250620-142917.png

Manage certificates with SCEP

☑ Certificate management via SCEP Client (NDES) is enabled. 

☐ Certificate management via SCEP Client (NDES) is not enabled. (Default)

A Microsoft Windows Server (MSCEP, NDES) for example can serve as a queried counterpart (SCEP server and certification body). More information can be found at Microsoft, e.g. in the following Technet article: Network Device Enrollment Service (NDES) in Active Directory Certificate Services (AD CS).

SCEP Server in IGEL OS 12
Certificate
Certification Authority Configuration in IGEL OS12
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close