Hi Anzio,
Thank you for the detailed step-by-step guide.
I have a query regarding the Intune Certificate Connector and deploying certificates for internet-based Windows 10 computers.
We are planning to provision devices over the internet (Windows Autopilot) and distribute certificates (for Device, WiFi, VPN, etc.) while provisioning. I see that https://oofhours.com/2020/04/05/intune-certificates-something-everyone-should-set-up/ (written for SCEP) states that NDES should be connected through a reverse proxy to allow inbound (443) to serve internet clients.
We are planning to use the PFX connector. Is putting the Intune Certificate PFX connector behind a reverse proxy not applicable when we want to serve clients on the internet? I am asking this because I am assuming SCEP and PKCS both use NDES, and I see an article here, https://ronnydejong.com/2017/02/20/part-1-deploying-microsoft-intune-pfx-connector-in-an-enterprise-worldcommon-practices/, which says internet inbound is not required?
P.S.: I understand that the Intune Certificate PFX connector (deployed on-prem and with outbound access to the internet) will query Intune and push the certificates to Intune, and Intune will push the certificates to the client device itself. Will it work when we want to deploy certificates on demand? Will it work for Hybrid Autopilot scenarios where the device certificates should have the subject name format CN={{fullyQualifiedDomainName}}? What is the default frequency of push from the Intune Certificate PFX connector to Intune?
Sorry for asking too many questions here...
Regards,
Saravanan R