A Ruby gem to handle SCEP.

To install Ruby Scep:

$ gem install ruby_scep

Or you can include this in your project's Gemfile:

gem 'ruby_scep'

Then execute:

$ bundle

You must use a webserver (Webrick or related will do the trick) and declare two endpoints:

• GET /scep
• POST /scep An example server is included in this gem.

This gem would not exist without the following repos:

• Nolan Browns's IosCertEnrollment. Non-working SCEP but the profiles generation part worked alright https://github.com/nolanbrown/ios-cert-enrollment
• MicroMDM's SCEP Go server. It worked perfectly, so we could use it as a reference https://github.com/micromdm/scep/
• OneLogin SCEP gem. The first instance of OpenSSL::ASN1 that led me to the AppBlade repo https://github.com/onelogin/scep-gem/blob/master/lib/scep/asn1.rb
• AppBlade's SCEP controller. The final pieces of the puzzle: the PKIMessage building using a ASN1 structure. I could'nt have done it without them. https://github.com/AppBlade/TestHub/blob/master/app/controllers/scep_controller.rb

We decided to open-source our solution to give back to the community that helped us greatly. Do the same with your projects!

• CISCO's description of the SCEP protocol. Information about PKIMessage structure are also available here. https://www.cisco.com/c/en/us/support/docs/security-vpn/public-key-infrastructure-pki/116167-technote-scep-00.html
• SCEP RFC https://tools.ietf.org/html/draft-nourse-scep-23
• OID correspondance. A lifesaver to understand the ASN1 OIDs http://oid-info.com/

1. Fork it ( https://github.com/appaloosa-store/ruby_scep )
2. Create your feature branch (git checkout -b my-new-feature)
3. Commit your changes (git commit -am 'Add some feature')
4. Push to the branch (git push origin my-new-feature)
5. Create a new Pull Request.