In CA Gateway, you must create profiles for each Managed CA that will issue certificates for MDM-SCEP enrollment. Each profile must issue one of the MDM-SCEP certificate types you added earlier to the Managed CA.

When adding these profiles to CA Gateway:

• The Subject Variable Requirements settings are not supported.
• The Subject Builder Configuration settings are not supported.
• The values for the Certificate Type and Certificate Definition settings must match the values specified in the Managed CA.
• The LDAP entry creation mode setting must be false.