Basics
Last updated
Was this helpful?
Last updated
Was this helpful?
Linux: AppConfig__AnonymousHomePageAccess
Value: true or false
Description: When not configured or set to true, anyone on the internet knowing the app service's URL can access the SCEPman Homepage and see status information like the SCEPman version and whether SCEPman is up and running (except if you prevent this with a firewall). We consider this non-sensitive information, but if you want to hide it, set this to false. Then, the homepage is deactivated for browser access and this information is not visible anymore.
Linux: AppConfig__BaseUrl
Value: App Service Name or
Description: This defines the public OCSP endpoint URL for the certificates. By default, the value contains the App Service Name. If you want to use a , you need to change this value.
Linux: AppConfig__LicenseKey
Value: empty or license key
Description: If you are using a trial deployment or the community edition this field leaves empty. After you purchased the Enterprise Edition you will receive a license key from us, then you can insert this key into this setting.
Linux: AppConfig__RemoteDebug
Value: Date or false
Description: You can send Debug log information to a cloud-based monitoring solution of our company for support reasons. This can speed up support cases.
You can activate and deactivate this feature by changing the value to the date until when the remote debug logging should be enabled. After this date, SCEPman will keep sending debug logs until it restarts. Microsoft App Services restart automatically every now and then, usually in a two-week timeframe. We recommend setting the value to the date in one week in the format YYYY-MM-DD. For example, on 2025-05-05, you would set this to 2025-05-12.
Up until version 2.8, you could also use 'true'. This is not possible anymore starting with SCEPman and Certificate Master version 2.9 and newer.
Linux: AppConfig__CertificateStorage__TableStorageEndpoint
This defines which Table Storage Endpoint to use for checking manual certificate revocations. If you remove this setting, SCEPman will not use the database for revocation checks.
Changes can harm your service!
Linux: AppConfig__EnableCertificateStorage
Value: true or false (default)
Description: When requesting certificates, SCEPman stores those requested certificates in the Storage Account in Azure if this is set to true and when this setting is not explicitly overridden with false for the specific endpoint. This will make the issued certificates appear in SCEPman Certificate Master, where you can view and revoke them manually. Additionally, certificates are revoked automatically depending on the specific SCEP endpoint used for enrollment. If set to false or not set, SCEPman will only store issued certificates for those endpoints where certificate storage has been explicitly enabled. If a certificate is not stored, they are visible only in the logs or if the SCEP client stores them somewhere.
Linux: AppConfig__SCEPResponseEncryptionAlgorithm
The algorithm used to encrypt SCEP responses. Reasonable values include "2.16.840.1.101.3.4.1.42" for AES-256-CBC (the default) and "2.16.840.1.101.3.4.1.2" for AES-128-CBC.
Changes can harm your service!
This setting points to the Application Artifacts that will be loaded by starting the App Service. Please have a look at these instructions: .