Auto-Enrollment Protocols

AppViewX CERT+ enables certificate auto-enrollment by automating all the steps involved, including CSR generation, domain ownership verification, certificate download, and provisioning, making the process efficient, scalable, and secure. AppViewX CERT+ supports all major auto-enrollment protocols including – ACME, EST, SCEP, Native Windows Auto-enrollment, and Microsoft Intune. Automating certificate enrollment reduces human error, outages, and security compromises, while improving productivity.

Auto-enrollment protocols are standardized enrollment mechanisms accepted across a wide range of enterprise systems for device and application certificate enrollment. Systems leveraging auto-enrollment protocols typically expect minimum to no admin intervention. Network devices such as routers-switches, DevOps tools, and Enterprise Mobility Management platforms are typical examples of such systems. If the deployment mode is:
  • SaaS or Managed Kubernetes, deploying a cloud connector enables auto-enrollment.
  • SaaS deployments where cloud connectors are unavailable, users should provide the AppViewX host information, which includes the IP address and port of the URL or endpoint. If their devices support auto-enrollment to a public URL, auto-enrollment is available as part of the tenant, and configuration details are provided in the documentation.

The cloud connector is advised for DMZ-based deployments or for enrollment through your cloud connector. This is especially useful in scenarios where endpoints cannot communicate with a public URL for auto-enrollment through a private channel, necessitating the use of the cloud connector.