The enrollment endpoints of the CEG Service can be:

• An end-user or machine in a Windows domain.
• A user or machine connected to a Windows domain.

This section describes how to integrate these endpoints with Certificate Enrollment Gateway using WS-Trust X.509v3 Token Enrollment Extensions (WSTEP). Certificate Enrollment Gateway does not use NTLM authentication.