SCEP certificate authorization sequence

asked 2019-05-06 20:37:19 +0000

I am trying to configured a PLC to perform a certification with a CA server but unsuccessful so far. Instead of getting into my specific configuration, could anyone provide a sample SCEP sequence of a successful session between client/server which does not use SSL? I know there are a lot of details that I just glossed over but I'm just trying to determine each step in a given simple sequence for a properly working system, so I can see where my setup "goes off the rails". Thanks!

answered 2019-05-06 23:01:29 +0000

SYN-bit

18344 ●9 ●301 ●255 https://SYN-b.it

Here is the startup sequence of an IP phone getting a new CA and performing SCEP to get a new certficate signed by the new CA:

GET /---settings---.txt HTTP/1.1 
HTTP/1.1 200 OK  (text/plain)
GET /---logo---.jpg HTTP/1.1 
HTTP/1.1 200 OK  (JPEG JFIF image)
GET /---old-root-ca---.pem HTTP/1.1 
HTTP/1.1 200 OK  (text/plain)
GET /---old-issuing-ca---.pem HTTP/1.1 
HTTP/1.1 200 OK  (text/plain)
GET /---new-issuing-ca---.pem HTTP/1.1 
HTTP/1.1 200 OK  (text/plain)
GET /---new-root-ca---.pem HTTP/1.1 
HTTP/1.1 200 OK  (text/plain)
GET /certsrv/mscep/mscep.dll?operation=GetCACert&message=CAIdentifier HTTP/1.0 
HTTP/1.1 200 OK  (application/x-x509-ca-ra-cert)
GET /certsrv/mscep/mscep.dll?operation=PKIOperation&message=---base64-data--- HTTP/1.0
HTTP/1.1 200 OK  (application/x-pki-message)

This overview has been scrubbed and I can't share more details as the trace contains customer data. But I hope this helps...

edit flag offensive delete link

Comments

Yes it does - thanks SYN-bit!

npmilani ( 2019-05-07 04:36:08 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

SCEP certificate authorization sequence

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

SCEP certificate authorization sequence edit

1 Answer

Comments