Request certificate via SCEP in Certificate Manager
The enrollment process is made up of the following major steps:
- Hardware registration in CM
The hardware must be registered in the Certificate Manager database. A registration contains the fully qualified domain name (FQDN), and optionally a challenge password, an IP address and serial number of the hardware. - Certificate enrollment
A certificate request is sent from the router or firewall via the SCEP service to the CF service. The request must contain the FQDN, the challenge password and, optionally, the IP address and serial number. A control is made against the database and the submitted challenge password is verified against the one stored in the database. If the request meets all requirements, a certificate will be created and returned to the requesting hardware.