|Applies To||Keon Certificate Authority 6.5.1|
Keon Registration Authority 6.5.1
Microsoft Windows 2000 Server SP4
Simple Certificate Enrollment Protocol (SCEP)
|Issue||How does auto-vetting with SCEP work in Keon Registration Authority?|
If setting up auto-vetting, will the devices trying to connect in through Keon Registration Authority be able to connect as if they were coming in through Keon Certificate Authority?
|Resolution||SCEP auto-vetting in Keon Registration Authority works the same as it does for Keon Certificate Authority, e.g. auto-vetting will be based on the source IP/host (not KRA's). The auto-vetting (e.g. the determination of whether to issue the certificate based on the source IP/host and the Jurisdiction configuration) takes place at KRA. If the request passes the auto-vetting stage at KRA, KRA will then communicate with KCA (using our own protocol, not SCEP) to issue the certificate (no further vetting takes place at KCA).|
|Legacy Article ID||a29966|