SCEP Relay Service
The SCEP Relay Service allows the MDM, IDMS, and device to create and deliver certificates to the device without firewall changes. Using the SCEP Relay Service, certificates can be automatically delivered to the user's device without firewall changes.
How it works
The SCEP Relay Service is installed on a server (typically cloud based) that the MDM can access. The MDM then sends the SCEP request to the Scep Relay service. The IDMS then retrieves this request, processes the request, and sends the certificate. The Scep Relay sends the certificate to the MDM which then sends the certificate to the phone.
Steps:
- MDM Instructions device to generate keypair
- Phone sends public key to MDM
- MDM formats into a SCEP Request
- MDM sends SCEP Request to SCEP Relay
- IDMS Retrieves the SCEP request
- IDMS uploads the certificate to SCEP Relay
- SCEP relay returns certificate to MDM
Installation Requirements
| Component | Detail |
|---|---|
| Operating System | Windows 2016/2019 |
| RAM | 4 Gig |
| .NET | 4.8 |
| Application Server | Internet Information Services |
| Certificates | SSL Certificate |
| Ports | 443 (A custom SSL port can also be used) |
IIS Manager View After Scep Relay service is installed
