[Pki-users] Using SCEP
Hi!
I'm planning to evaluate Dogtag CA for issuing certs for mobile devices via SCEP.
But before plunging into full blown installation and tests I'd like to understand
overall SCEP cert enrolment workflow supported by Dogtag.
From the documentation on the web site I've figured out that it is
possible to send SCEP requests either to RA or directly to CA.
As I understood in RA
mode a user record with one-time PIN/Challenge has to be created in the 389 Directory
first, and then a cert can be requested via SCEP.
Is that correct?
I did not get an impression that I have to do same when sending SCEP requests directly to
CA.
Does anyone know if I have to create a user record in the 389 DS before sending a SCEP
request to CA directly?
Thanks in advance,
Oleg