intune SCEP NDES 500 Error
If the relevant certificates are in an expired state, were deleted, or revoked from the issuing CA for any causes, the NDES service will fail to start resulting in the Intune SCEP HTTP Error 500 – Internal Server Error. This is what expired on our SCEP server: The certificates were the CEP Encryption and the Exchange Enrolment Agent, now the renewal can be a little bit of fun depending on how you have our certificates templates setup, both of these certificates need to be valid in order for SCEP to work. CEP Encryption This certificate will need to be generated as a local computer certificate, so brose the certificate authority on the MMC and connect to the CA giving the CA for you, once there right click on the "Certificate Template" option and choose manage Once that loads find your certificates which is this case is "CEP Encryption" Once you have this certificate you will need to right click and choose properties, if then then pop on to the security tab you will