Simple Certificate Enrollment Protocol (SCEP) profiles allow you to install certificates onto devices silently without the need of end-user interaction.
Even if you protect your email, Wi-Fi, and VPN with strong passcodes, your infrastructure remains vulnerable to brute force, dictionary attack, and employee error. For greater security, you can implement digital certificates to protect corporate assets. To use SCEP to install these certificates to devices silently, you must first define a certificate authority, then configure a SCEP payload alongside your EAS, Wi-Fi, or VPN payload. Each payload has settings for associating the certificate authority defined in the SCEP payload.
To push certificates to devices, you must configure a SCEP payload as part of the profiles you created for EAS, Wi-Fi, and VPN settings.