Cloud based Certification Authority


Cloud based Certification Authority


SCEPman is your cloud-based certification authority. It easily enables your Intune and JAMF managed clients for certificate based WiFi authentication.

But SCEPman can do more. SCEPman is an Azure App, that runs in your Azure tenant. You can install it within minutes and operations is super-easy. It can issue certificates for clients (device & users) as well as AD Domain controllers (Hybrid Key Trust for WHFB). SCEPman validates certificates with the modern OCSP protocol. For each validation, SCEPman checks the corresponding device/user with your identity provider (Azure AD or JAMF).

SCEPman is an Azure App, that you run in your Azure tenant

RADIUS Architecture

Why authenticate with certificates to access the network?

We hear this question frequently: "Why should I not log in to my WIFI by using my (Azure) Active Directory credentials?"

We believe that users should use their (Azure) Active Directory credentials as little as possible. Working password-less is state of the art and prevents identity theft. This is why we use certificates for network authentication. Authenticating with certificates means no credentials are transferred.

There is another benefit: device certificates are available for the operating system prior to user login. Therefore, network connections can be established before Windows user logon.

Finally, it's not a big deal: Certificates and WiFi profiles can be easily deployed to clients. SCEPman is built to make this very easy for environments with clients that are managed by Intune or JAMF.