Entrust PKI as a Service provides the following certificate profiles for Intune-SCEP enrollment with Certificate Enrollment Gateway.
Profile | Usages |
|---|---|
intune-digital-signature-key-encipherment | Digital signature and key encipherment. |
intune-digital-signature | Digital signature. |
intune-key-encipherment | Key encipherment. |
intune-non-repudiation | Digital signature and non repudiation. |
Unless specified in an Intune request, these SCEP certificate profiles have a 3-year duration. These Intune-SCEP certificate profiles support the following extensions in the certificate requests.
Certificate request extension | OID |
|---|---|
CertificatePolicies | 2.5.29.32 |
ExtendedKeyUsage | 2.5.29.37 |
ApplicationPolicies | 1.3.6.1.4.1.311.21.10 |
SmimeCapabilities | 1.2.840.113549.1.9.15 |
MSTemplateOID | 1.3.6.1.4.1.311.21.7 |
MSTemplateName | 1.3.6.1.4.1.311.20.2 |