Use AAD as Cert Authority for SCEP, keep the whole SCEP process in the cloud
I haven't been able to find any information that Intune can use Azure Active Directory as the Certificate Authority for SCEP. I'd like to see this feature added to keep the whole process in the cloud.
An AzureAD and Intune connected SCEP as a cloud service is now available with a 3rd party companion to Intune called SCEPman.
It's already listed in the Intune documentation (https://docs.microsoft.com/en-us/intune/certificate-authority-add-scep-overview#third-party-certification-authority-partners) and available in the Azure Marketplace (https://azuremarketplace.microsoft.com/en-us/marketplace/apps/gluckkanja.scepman).
A good blog article is written by MVP Oliver Kieselbach:
More information on the SCEPman website:
Pricing is per user, but there's a free community edition available.
Just for the record: I am working for the Microsoft Partner responsible for the SCEPman development.
Rudi Groenewald commented
We need a way to have SCEP as a service as part of Intune or Azure AD for companies who are cloud only, no infrastructure.
Berry Schreuder commented
This should not require any on-prem components.