Occasional Contributor II

scep url as VIP FQDN

Anyone out there doing SCEP enrollment from an MDM? We have it working but my concern is the SCEP URL on the onboard CA is bound to the hostname of the appliance, NOT the VIP FQDN. We have two appliances clustered and setup for standby publisher failover. In the event of a failover to the standby publisher, the hostname will be different for the SCEP URL. Is the onboard CA smart enough to account for the change or is there a way to reference the VIP FQDN instead?



Clustered Host1: (publisher)
Clustered Host2: (standby publisher)

SCEP URL cannot be edited and is

If we failover and promote to the publisher, it seems that scep enrollment would fail, so how do we make sure we point the scep request to the actual live publisher since it does not use the vip fqdn?

Guru Elite

Re: scep url as VIP FQDN

Point the MDM SCEP URL at:

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
Showing results for 
Search instead for 
Did you mean: