|Profiles and policies / Configurations for Sophos container policies for iOS|
With the SCEP configuration you enable devices to request certificates from a Certificate Authority using the Simple Certificate Enrollment Protocol (SCEP). These certificates are available to the Sophos Secure Workspace app if it is installed in the Sophos container.
|URL||The web address of the Certificate Authority server.
Use the variable %_SCEPPROXYURL_% to refer to the server URL that is configured on the SCEP tab of the System setup page.
|Alias name||The name under which the certificate will appear in selection dialogs.
This should be a memorable name to identify the certificate. For example, use the same value as in the Subject field, but without the CN= prefix.
|Subject||The name of the entity (for example person or device) that will receive the
You can use placeholders for user data or device properties.
The value that you enter (with placeholders replaced by the actual data) must be a valid X.500 name.
For information on available placeholders, see Placeholders in profiles and policies.
|Type of Subject Alternative Name||Optionally, configure a Subject Alternative Name (SAN). Select one of the available SAN types.|
|Value of Subject Alternative Name||If you have selected a SAN type, enter the SAN value.|
|NT user login name|
|Challenge||The web address to obtain a challenge password from the SCEP server.
Use the variable %_CACHALLENGE_% to refer to the challenge URL that is configured on the SCEP tab of the System setup page.
|Root certificate||The CA certificate.
Select the certificate from the list. The list contains all certificates that you have uploaded in Root certificate configurations of the current profile.
|Key size||The size of the public key in the issued certificate.
Make sure that the value matches the size configured on the SCEP server.
|Use as digital signature||If you select this check box, the public key can be used as a digital signature.|
|Use for encryption||If you select this check box, the public key can be used for data encryption.|