SCEP
SCEP, or Simple Certificate Enrollment Protocol, is a network protocol used to request and obtain X.509 digital certificates from a Certificate Authority (CA) in an automated fashion. It is commonly deployed in enterprise networks and on network devices, mobile devices, and some servers to issue TLS, VPN, or code-signing certificates without manual provisioning. The protocol is standardized by the IETF as SCEP.
Workflow: A client first obtains the CA’s certificate(s) so it can validate the CA. It then generates
Security and limitations: SCEP relies on secure transport and sometimes on a pre-shared challenge password or
Adoption and context: SCEP remains widely used, particularly in the provisioning of network devices and on-premises