PreviousNextUp[Front page] [Index]

Editing the SCEP Service

Several VPN gateways and VPN clients support the Simple Certificate Enrollment Protocol (SCEP) for enrolling certificates from the CA. It is a simple online protocol, which provides means of getting a certificate to a VPN box such as router. SCEP Service can be used to provide this service in SSH Tectia Certifier.

Basic Settings

Service description is a free-form description of the Service and its function.

Service status can be either Active or Disabled. If the service is Disabled, it does not perform its function. This option can be used to take the service temporarily out of use.

Service bind address is an HTTP URL, since SCEP uses HTTP as a transport mechanism. Optionally, also Service domain name can be given (a fully qualified domain name). If the field is left empty, the name is generated from the Service bind address.

Service domain name and Service description are shown on the web enrollment pages. Service domain name is also shown on the entity print page.


gui-editconfigurationforscepservice-40.gif
Figure : Editing the SCEP Service configuration

Accessible CAs

Accessible CAs is used to define the CAs of the system that can be accessed via the Service. If all CAs can be used with the Service, click All CAs. If only some CAs can be used, click Only selected CAs, select the CAs you want to use with the service from the drop-down list, and click Add. Or click All except selected CAs and select the CAs that cannot be used and click Add.

Entity Mapping is used to select the method used by the SCEP Service to map an entity to a request. If an LDAP Authentication Service has been defined, it can be selected. Otherwise only Pre-Shared Key can be selected.

Commiting Changes

Click the Continue button to accept changes made to the Service settings, or click Cancel to discard them. After clicking Continue, remember to Commit Changes on the Edit Server Entity page.


PreviousNextUp[Front page] [Index]