Nexus Windows Enrollment Proxy - WinEP
This article describes the Nexus Windows Enrollment Proxy (WinEP) in Nexus Certificate Manager.
Nexus Windows Enrollment Proxy (WinEP) facilitates enrollment to Microsoft Windows clients through native protocols.
WinEP requires the WinEP service as well as the WinEP Protocol Gateway servlet, both from Nexus. Information regarding installation, configuration and usage of the WinEP service can be found in the Certificate Manager WinEP documentation.
Clients connected to the network enroll for certificates with a native Windows enrollment client. The enrollment client will ask the Active Directory where a certain Certificate Template is supposed to enroll for certificates. The client then communicates, via Distributed Component Object Model (DCOM), with the host on which the Certificate Template is enrolling, in this case of the WinEP service. The WinEP service then communicates over two-way TLS with the WinEP servlet in Protocol Gateway, which in turn talks to the Certificate Manager (CM) backend to issue the certificate.