Menu path: Setup > Network > SCEP Client (NDES) > SCEP

Here, you can give information regarding the SCEP server used.

Because of the need to enter a fingerprint (CA root certificate) and the Challenge password (SCEP server), the configuration process is somewhat complicated. Ideally, it should be set up in the UMS as a profile and distributed to the devices. At the same time, the certificate cannot yet be used for communication purposes.

SCEP server URL: Address of the SCEP server. Examples: (Windows Server 2019); (before Windows Server 2019)

Proxy server for SCEP requests: Proxy server in the format host:port. If this field is empty, no proxy will be used.

Challenge password: Password for queries.

Certificate renewal period (days): Time interval before certificate expiry after which the certificate renewal procedure is started. (Default: 30)

Certificate expiry check interval (days): Specifies how often the certificate is checked against its expiry date. (Default: 1)

As an example, a certificate is valid until 31.12. of a year. If the period for renewal is set to 10 days, a new certificate will be requested for the first time on 21.12. of the same year.

For more information, see the how-to Providing the SCEP Server Data. See also Configuration of the SCEP Client.