One of the important security management responsibilities of Microsoft Intune is the ability to issue certificates to devices using the Simple Certificate Enrollment Protocol (SCEP).

Starting today, Intune now supports third party certification authorities for SCEP – starting with Entrust as first CA.

Support of Active Directory Certificate Services is still supported of course Smile

Below an high level diagram explaining how SCEP works with Intune (courtesy Microsoft)

image

To setup the third party CA support for Intune you need to use an open-source API (http://github.com/Microsoft/Intune-Resource-Access/tree/develop/src/CsrValidation) and the administration portal.

The below high level diagram explains how SCEP is working with third party CA (courtesy Microsoft)

image

All details to set it up are available here https://docs.microsoft.com/en-us/intune/certificate-authority-add-scep-overview

Leave a Comment

nineteen − 15 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.