/tags/pki/ Recent content in Pki on Network Haven Hugo en-us Wed, 13 May 2026 12:00:00 +0200 /posts/2026/fixing-scep-certificate-enrollement-over-https-on-elux-thin-clients/ Wed, 13 May 2026 12:00:00 +0200 /posts/2026/fixing-scep-certificate-enrollement-over-https-on-elux-thin-clients/ <p>Currently we trying out eLux as an replacement of older thin clients with ThinOS or IgelOS. We tried to configure 802.1x authentication and the therefore needed certificate enrollment with our current SCEP/NDES server. We came across the issue that the scep client that eLux uses – <a href="https://github.com/certnanny/sscep">sscep</a> – an open source “Simple SCEP client for Unix” <strong>doesn’t support certificates requests over HTTPS</strong>.</p> <p>When investigating the problem we found this GitHub issue which explains our problem. Our NDES server was only reachable over HTTPS – both on the administration page and most importantly also on the request web page (certsrv/mscep) where the client requests their certificates.</p>