Frequently Asked Questions

PKIaaS.io supports multiple certificate signing workflows most of which start by clicking on a template while logged into the Administrator UI and selecting either "Submit CSR", "Create Pre-Approved Request", or "Public Certificate Request".
Here's a video that demonstrates issuance through a public certificate request https://www.youtube.com/watch?v=tH-0TQCjHf8.

All validity dates and times are ultimately stored in certificates in UTC, so we set our servers to UTC to keep things simple. In order for us to show you the correct date, you'll need to login to the Administrator UI and update your profile with the correct time zone.

Usage of PKIaaS.io is free, but some features and functionality will be limited without an active Patreon subscription..

Revocation is disabled, the number of certificates issued will be limited to 10 and the maximum certificate lifetime will be 30 days.

Log in to PKIaaS.io by clicking "Manage PKI", click you user account at the top right, and choose "Profile". Use the link on the profile page to login to Patreon and associate your account.

Edit the template you'd like to enable SCEP with Intune and choose the SCEP tab. Enable the "Enable Microsoft Intune/Endpoint Manager Integration" checkbox and fill out the three required fields. To get values for these fields, follow the Microsoft documentation to set up third-party CA integration. After following the steps in the documentation, you must also do the below steps to add the "Application.Read.All" API permission.

• Navigate to your Azure App
• Go to API permissions
• Click 'Add a permission'
• Select the 'APIs my organization uses' tab
• Search for 'Windows'
• Select 'Windows Azure Active Directory'
• Select 'Application permissions'
• Select 'Application.Read.All'
• Finally, grant admin consent to this permission