How To Create an Azure Based Certificate Authority for Intune
Create an Azure Based Certificate Authority for Intune In Minutes with EZCA
For many years, Users have been asking for an Azure based PKI that can issue SCEP certificates for Intune. Today we are happy to announce that our Azure based CA can now issue SCEP certificates for Intune.
With this integration, organizations can now use passwordless authentication for their Virtual Private Network (VPN), network infrastructure, and more, without the need for a large on-premises infrastructure. This includes eliminating the need for domain controllers, certificate authorities, hardware security modules (HSMs), certificate revocation list (CRL) servers, and SCEP servers.
By leveraging Keytos’s Azure-based PKI solution, organizations can now easily and securely issue and manage SCEP certificates for Intune, without the need for a large team to maintain and manage their infrastructure. This aligns with Keytos and Microsoft’s shared vision of allowing organizations to go fully passwordless in a cloud-only environment, democratizing cybersecurity by lowering the barriers of entry and enabling organizations to have a secure and compliant infrastructure without the need for a large team to maintain it.
What is SCEP
Before we get started we must understand what is Simple Certificate Enrollment Protocol (SCEP). SCEP is a certificate enrollment standard that enables devices to issue certificates by using a key provided by a 3rd party. The Certificate Authority (CA) must be able to communicate with this trusted third party (in this case Intune) to validate that the key provided by the device is allowed to request a certificate.
Getting Started
We bet you are as excited as we are for this new integration, so we wanted to share with you the necessary steps to get your Intune SCEP certificate distribution up and running:
1) Register the Keytos Application in your Tenant & Register the EZCA Intune Application in your Tenant This will allow EZCA to authenticate your users and check the certificate request status in Intune to issue certificates to your Intune Managed devices.
2) Create your EZCA Instance In Azure.
3) Once you have your EZCA instance you are ready to create your Intune CA.
4) Finally create your Intune device profiles and start issuing secure certificates to your user’s devices.
Secure and Complaint
At the heart of any reliable identity management system lies security and compliance. That’s why we take these pillars seriously. While it may be easy to set up and connect EZCA to Intune, you can rest assured that we take the necessary steps to secure our infrastructure and meet and exceed worldwide regulatory compliance standards. With EZCA, you can trust that your Azure PKI is being run as a world class PKI with the highest level of security and compliance.
Keytos Is Here For Your Passwordless Journey
Modernize All Your PKI with EZCA
While in this blog we only talk about the new Intune integration, EZCA also offers other features that make it the best PKI solution for Azure customers such as: Our Automatic Azure Application Certificate rotation with Key vault, Azure IoT (Internet of Things) one click integration, ADCS CA management, and local ACME integration.
Full Passwordless Authentication With FIDO2, SmartCard and Phone Authentication
Our main goal at Keytos is to help organizations go fully passwordless, while we just saw how EZCA can help you by issuing SCEP certificates for your devices with Intune, one of the biggest hurdles for passwordless authentication is user onboarding. Learn how EZSmartCard can work with EZCA to help organizations go fully passwordless
Let Us Help
If you would like to learn more or talk to a PKI expert about setting up your own Intune CA, you can Talk to a PKI expert for FREE. We are here to help you on your passwordless journey, and ensure that your PKI is set up properly and securely.
Join our Newsletter
*** This is a Security Bloggers Network syndicated blog from Keytos authored by Keytos. Read the original post at: https://www.keytos.io/blog/2023/01/31/Azure-Intune-SCEP-Certificate-Authority.html