Cisco Catalyst SD-WAN - Manager - Enterprise CA with SCEP

Learning101
Level 1

Hi,

I would like to automate certificate deployment for our sdwan environment.

There is an option, Enterprise CA with SCEP, but is this for cedge onboarding or is it only for TLS/SSL Decryption?

Best regards

3 Replies

Torbjørn
VIP

This option is for WAN-Edge/cedge onboarding. It might be a good fit for your use case if you can't use a SUDI certificate for onboarding.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

Learning101
Level 1

Thank you for your answer, but what are the steps?

I have my Enterprise CA with SCEP configured and it works just fine on IOS if I do enrolment.

When a device connects to vbond and vmanage, does vmanage periodically check if there are any new devices without a certificate and send them to the CA? Where are additional settings like auto-enroll, retry count, retry period and so on? There are only root cert, challenge pass and URL settings. There is almost no documentation regarding this procedure (or maybe I cannot find it...).

Best regards

Hi,

For anyone who is wondering if it's possible to do automation with SCEP to retrieve certificates from the CA, I got a definite answer that this is currently an unsupported feature.

The solution for issuing and renewal of certificates is the use of APIs; we were able to write Python scripts to automate this procedure to a certain degree.

Best regards