This is the quick post to share the supported 3rd party certification authority partners for SCEP with Intune. Well, Intune supports third-party certificate authorities and you shall get more details about the same in this post.
Third-party CAs can provision Windows 10 and mobile devices with new or renewed certificates by using the SCEP certificates.
Architecture
More details about SCEP profile deployment and architecture are available in the following blog posts from Joy!
- Learn The Basic Concepts of PKI – Intune PKI Made Easy With Joy Part-1
- Knowing SCEP – The General Workflow Intune PKI Made Easy With Joy – Part 2
- Intune SCEP Deep Dive – Intune PKI Made Easy With Joy – Part 3
- Intune SCEP Certificate Workflow Analysis – Intune PKI Made Easy With Joy – Part 4

List of 3rd Party Certification Authority Partners
You need to validate third-party certification authority before integrating with Intune NDES etc.. You can also check your certification authority’s guidance for more information. The CA may include setup instructions specific to their implementation.
I will try to keep this list up to update. Otherwise, you can refer to the resources section to get more details from Microsoft docs.
- Entrust Datacard
- EJBCA GitHub open-source version
- EverTrust
- GlobalSign
- IDnomic
- Sectigo
- DigiCert
- Venafi
- SCEPman
Resources
- Intune Certificate Deployment Step by Step Guide
- Third-party certification authority partners – Microsoft Docs