SCEP server and SCEP client

Provisioning and administration of the certificates is handled by an SCEP server that fulfills the usual function of a Certificate Authority (CA) as well as the SCEP functions. This server can, for example, be implemented as a Windows Server CA by using a special plug-in (mscep.dll). There are also a number of other CA solutions which work with SCEP, such as the OpenSource solution OpenCA (www.openca.org).

The SCEP extension such as with mscep.dll creates an additional instance on the server and processes requests from SCEP clients for forwarding to the actual CA. This entity is referred to as the Registration Authority (RA).

The VPN routers are SCEP clients that attempt to automatically retrieve the necessary certificates from the central server. Also generally required by the SCEP procedure are the RA (Registration Authority) certificates as signed by the CA. For VPN operations the VPN routers primarily require valid system certificates (device certificates). Any other certificates which may be in use only apply to the SCEP procedure.

www.lancom-systems.com

LANCOM Systems GmbH | A Rohde & Schwarz Company | Adenauerstr. 20/B2 | 52146 Wuerselen | Germany | E‑Mail info@lancom.de

LANCOM Logo