Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Editing the SCEP Service

Several VPN gateways and VPN clients support the Simple Certificate Enrollment Protocol (SCEP) for enrolling certificates from the CA. It is a simple online protocol, which provides means of getting a certificate to a VPN box such as router. SCEP Service can be used to provide this service in SSH Tectia Certifier.

Basic Settings

Service description is a free-form description of the Service and its function.

Service status can be either Active or Disabled. If the service is Disabled, it does not perform its function. This option can be used to take the service temporarily out of use.

Service bind address is an HTTP URL, since SCEP uses HTTP as a transport mechanism. Optionally, also Service domain name can be given (a fully qualified domain name). If the field is left empty, the name is generated from the Service bind address.

Service domain name and Service description are shown on the web enrollment pages. Service domain name is also shown on the entity print page.

Figure : Editing the SCEP Service configuration

Accessible CAs

Accessible CAs is used to define the CAs of the system that can be accessed via the Service. If all CAs can be used with the Service, click All CAs. If only some CAs can be used, click Only selected CAs, select the CAs you want to use with the service from the drop-down list, and click Add. Or click All except selected CAs and select the CAs that cannot be used and click Add.

Entity Mapping is used to select the method used by the SCEP Service to map an entity to a request. If an LDAP Authentication Service has been defined, it can be selected. Otherwise only Pre-Shared Key can be selected.

Commiting Changes

Click the Continue button to accept changes made to the Service settings, or click Cancel to discard them. After clicking Continue, remember to Commit Changes on the Edit Server Entity page.

PreviousNextUp[Front page] [Index]




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now