Simple Certificate Enrollment Protocol (SCEP) profiles enable you to install certificates onto devices silently without interaction from the end user.
Even with strong passcodes and other restrictions, your infrastructure remains vulnerable to brute force, dictionary attacks, and employee error. For greater security, you can implement digital certificates to protect corporate assets. To use SCEP to install these certificates to devices silently, you must first define a certificate authority, then configure a SCEP payload alongside your EAS, Wi-Fi, or VPN payload. Each of these payloads has settings for associating the certificate authority defined in the SCEP payload.
To push certificates to devices, configure a SCEP payload as part of the profiles you created for EAS, Wi-Fi, and VPN settings.