Home

Cloud-based Certificate Authority

SCEPman

Cloud-based Certificate Authority

Home

SCEPman is a cloud-based certificate authority (CA). It easily enables your Intune and Jamf Pro-managed clients for certificate-based Wi-Fi authentication. But SCEPman can do more: You can also issue certificates for other client authentication purposes, for your servers as well as your IoT devices.

SCEPman is an Azure App that runs in your Azure tenant. You can install it within minutes, and it's super easy to operate. SCEPman enables Realtime Auto Revocation for Intune or Jamf Pro-managed clients/users.

Certificate based Authentication for WiFi, Lan and VPN
Issue X.509 client certificates to authenticate devices and users accessing your networks such as Wi-Fi, LAN and VPN. Enjoy full integration with Intune and Jamf Pro (SCEP) for a simple issuing and renewal workflow. Certificates are immediately revoked when you disable the user or device in Intune, Jamf Pro or Entra ID (Realtime Auto Revocation).
SCEPman enables easy TLS/SSL certificate issuance and renewal
SCEPman is a full-featured private PKI. You can issue (TLS/SSL) certificates to your servers (e.g. web servers), network components or Domain Controllers using either our web GUI (CSR or form-based), REST API, or a SCEP client. Enable automatic certificate renewal via EST (mTLS).
Secure code signing for executables and scripts, reducing software execution risks
With SCEPman you can issue certificates for code signing. This allows you to sign the code of your executables and scripts (e.g. Power Shell scripts, VBA macros) to reduce the risk of unwanted software being executed.
SCEPman issues S/MIME and Document Signing certificates for enhanced email and document security
Use SCEPman to issue S/MIME signing certificates for Outlook, helping prevent user impersonation and social engineering attacks via phishing. You can also attest the authenticity and integrity of a document (such as a PDF) by using a document signing certificate issued by SCEPman.
SCEPman offers secure certificate-based authentication for administrative access to critical infrastructure
OTP-based multi-factor authentication (MFA) can be circumvented with well-crafted phishing sites. Only certificate-based authentication should be used for Privileged Access Workstations (PAWs) via RDP or to central administrative portals such as Azure Portal. SCEPman can issue identity certificates directly to administrators' machines or to external smart card devices such as Yubikeys.
SCEPman provides easy IoT device certificate deployment for secure telemetry authentication
SCEPman provides an easy solution to equip your IoT devices with certificates. This enables your devices to authenticate to your telemetry backend securely. SCEPman provides the appropriate technology like ECC to ensure resource-efficient crypto algorithms on your devices as well as assembly line readiness.

SCEPman is an Azure App deployed in your Azure tenant

RADIUS Architecture