Automating Windows Auto Enrollment (WSTEP) with an Entrust-hosted Enrollment Gateway
Entrust PKIaaS integrates into Microsoft Active Directory environments to automate enrollment with the following Microsoft protocols.
|
Protocol |
Purpose |
See |
|
X.509 Certificate Enrollment Policy Protocol (MS-XCEP) |
Defines the interactions between a requesting client and a responding server to exchange a certificate enrollment policy, which is the collection of certificate templates and certificate issuers available to the requestor for X.509 certificate enrollment. |
learn.microsoft.com/en-us/openspecs/windows_protocols/ms-xcep |
|
WS-Trust X.509v3 Token Enrollment Extensions (MS-WSTEP) |
Define the message formats and server behavior to manually or automatically enroll X.509 certificates for users and computers. |
learn.microsoft.com/en-us/openspecs/windows_protocols/ms-wstep |
See below for the required configuration steps.
Creating an Entrust-hosted Certificate Enrollment Gateway for WSTEP
Managing Microsoft certificate templates in Active Directory
See the following video for a quick guide on the required steps.