Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-9244

Allow the SCEP SSB to verify messages from Intune

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.4.1
    • Component/s: None
    • Labels:

      Description

      There currently exists an Intune connector for EJBCA at  https://github.com/agerbergt/intune-ejbca-connector.

      Upon analysis, it turns out that all this connector in reality does is extract the P10 from a SCEP request and pass it on to EJBCA using WS, in addition to making a single call to Intune using a provided Microsoft lib.

      To complete this ticket:

      • Add the required libraries from microsoft required to perform intune request verification
      • Add the required configuration fields to SCEP aliases
        • Note that for Intune to work, the password in the PKCS#10 should be ignored by EJBCA (as this is set by the client and verified by Intune), and the CA in the request should be ignored (the client will always specify the CA name as "ca")
      • Add the Intune call to SCEP RA mode 

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mikek Mike Agrenius Kushner
              Reporter:
              mikek Mike Agrenius Kushner
              Verified by:
              Serkan Ongan
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 week
                  1w
                  Remaining:
                  Remaining Estimate - 1 week
                  1w
                  Logged:
                  Time Spent - Not Specified
                  Not Specified