ACME Device Attestation: Hardware-Rooted Device Identity, No Passwords
Replace legacy SCEP and Microsoft NDES with BastionXP — a private CA that uses your device's Apple Secure Enclave or TPM to cryptographically prove its physical identity before issuing a certificate. Passwordless. No shared secrets. Zero credential theft.
Replace Shared Secrets with Hardware-Backed Cryptographic Identity
ACME is the same open standard that powers Let's Encrypt. ACME Device Attestation extends it to your corporate device fleet — replacing passwords and shared secrets with hardware-backed cryptographic proof. Before your private CA issues a certificate for EAP-TLS Wi-Fi, VPN, or Zero Trust network access, your device's Secure Enclave or TPM proves it is a genuine, company-owned asset. The result is true passwordless, certificate-based authentication anchored in hardware.
No Passwords
Enrollment requires zero shared secrets. The device's hardware chip is the credential — there is nothing to intercept, rotate, or leak.
Hardware-Locked Keys
Private keys are generated inside the Secure Enclave or TPM and can never be exported — even by a local administrator or a compromised OS.
Manufacturer-Verified
Apple or Google cryptographically vouches for the device's identity. You're trusting silicon, not a configuration file or a shared password.
Why Shared-Secret Certificate Enrollment Fails Modern Zero Trust
For over two decades, SCEP — and its Microsoft counterpart NDES — has been the default way to enroll devices into a corporate private PKI. But its core design — a shared password delivered in an MDM profile — was never built for a Zero Trust world where every device is a potential attack surface. ACME Device Attestation is the SCEP replacement your security team has been waiting for.
SCEP passwords can be stolen: MDM configuration profiles carry a shared secret. If intercepted, any machine can impersonate a managed device and enroll itself.
No hardware binding: SCEP doesn't verify where the private key lives. Keys can be exported, cloned, and reused on any unmanaged device.
Zero manufacturer verification: Any device that "knows the secret" gets a certificate — there is no cryptographic proof it is the device you actually purchased.
Profile replay attacks: An intercepted SCEP configuration profile can be replayed to silently enroll rogue, unmanaged devices into your PKI.
Rotation fatigue: Rotating the SCEP shared secret invalidates all pending enrollments — so teams never rotate it, leaving credentials permanently exposed.
How BastionXP ACME Device Attestation Works
BastionXP acts as a fully compliant private CA and ACME server supporting the device-attest-01 challenge. Your MDM triggers enrollment, the device's Secure Enclave or TPM provides cryptographic proof, and BastionXP issues a short-lived X.509 certificate for EAP-TLS Wi-Fi, VPN, mTLS, or Zero Trust network access — all without a shared secret or manual approval step. For a step-by-step iOS deployment, see the complete iOS ACME enrollment guide.
MDM Triggers Enrollment: Your MDM (Jamf, Intune, FleetDM) pushes an ACME enrollment profile to the device. No shared secret is included.
Key Generation in Secure Enclave: The device generates a key pair entirely inside its Secure Enclave or TPM chip. The private key never leaves hardware.
Attestation Object Created: The device builds an attestation payload containing its hardware identifiers (Serial Number, UDID), signed with a manufacturer-controlled key so that it can only be verified against the manufacturer's Root CA.
BastionXP Verifies the Chain: Your private ACME CA validates the attestation against the manufacturer's Root CA — confirming the hardware is genuine and unmodified.
MDM Inventory Cross-Check: BastionXP queries your MDM to confirm the device is a corporate-owned, enrolled asset before issuing any certificate.
Certificate Issued and Auto-Renewed: A short-lived X.509 certificate is issued, cryptographically bound to this specific hardware. Renewal is fully automatic via ACME.
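The six steps above, as an added example that is not BastionXP's code and not Apple's or Google's attestation format: a Go program using only the standard library that simulates the checks a device-attest-01 capable private CA performs before issuing. It assumes a simplified attestation (a manufacturer-signed X.509 leaf that carries the device serial in the Subject serialNumber attribute), generates the "hardware" key in software where a real device would keep it inside the Secure Enclave or TPM, and uses constructed root names, serials and MDM inventory entries.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must aborts the simulation on setup errors such as a failed RNG, which no CA can recover from.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// template builds a certificate skeleton; the device serial rides in Subject serialNumber (a simplification).
func template(cn, serial string, ttl time.Duration) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn, SerialNumber: serial},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(ttl),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
}

// sign issues tmpl for pub, signed by signer under parent, and returns the parsed certificate.
func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) *x509.Certificate {
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))
	return must(x509.ParseCertificate(der))
}

// mint generates a P-256 key pair plus its certificate: a self-signed CA when parent is nil, else a leaf signed by signer.
func mint(cn, serial string, ttl time.Duration, parent *x509.Certificate, signer *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := template(cn, serial, ttl)
	if parent == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, tmpl.KeyUsage|x509.KeyUsageCertSign
		parent, signer = tmpl, key
	}
	return sign(tmpl, parent, &key.PublicKey, signer), key
}

// privateCA models the checks a device-attest-01 capable CA performs (steps 4-6 on the page).
type privateCA struct {
	cert      *x509.Certificate
	key       *ecdsa.PrivateKey
	mfrRoots  *x509.CertPool  // pinned manufacturer roots: the only trust anchor
	inventory map[string]bool // MDM asset register keyed by hardware serial
}

// issue returns a 24-hour client certificate or an error naming the failed check; csrPub is the key from the ACME finalize CSR.
func (ca *privateCA) issue(att *x509.Certificate, csrPub *ecdsa.PublicKey) (*x509.Certificate, error) {
	// Step 4: the attestation must chain to a pinned manufacturer root.
	opts := x509.VerifyOptions{Roots: ca.mfrRoots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := att.Verify(opts); err != nil {
		return nil, fmt.Errorf("attestation not from a trusted manufacturer: %w", err)
	}
	// The requesting key must be the attested one, or a software key could ride on a genuine device's attestation.
	if attPub, ok := att.PublicKey.(*ecdsa.PublicKey); !ok || !attPub.Equal(csrPub) {
		return nil, fmt.Errorf("CSR key does not match the attested hardware key")
	}
	// Step 5: genuine silicon is not enough; the serial must be a corporate-owned asset.
	serial := att.Subject.SerialNumber
	if !ca.inventory[serial] {
		return nil, fmt.Errorf("serial %q is not in the MDM inventory", serial)
	}
	// Step 6: short-lived certificate bound to the attested key; each ACME renewal repeats every check above.
	tmpl := template(serial, serial, 24*time.Hour)
	tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	return sign(tmpl, ca.cert, csrPub, ca.key), nil
}

// demo enrolls four devices and reports which received a certificate: only the managed, genuine one should.
func demo() map[string]bool {
	mfr, mfrKey := mint("Constructed Manufacturer Attestation Root", "", 10*365*24*time.Hour, nil, nil)
	rogue, rogueKey := mint("Constructed Rogue Root", "", 10*365*24*time.Hour, nil, nil)
	caCert, caKey := mint("Constructed Private ACME CA", "", 10*365*24*time.Hour, nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(mfr)
	ca := &privateCA{cert: caCert, key: caKey, mfrRoots: roots, inventory: map[string]bool{"C02CONSTRUCTED1": true}}
	// enroll simulates steps 2-3 (device key in software here; real hardware keeps it inside the Secure
	// Enclave/TPM) and then requests a certificate, optionally with a key other than the attested one.
	enroll := func(root *x509.Certificate, rootKey *ecdsa.PrivateKey, serial string, swapKey bool) bool {
		att, devKey := mint("device-attestation", serial, time.Hour, root, rootKey)
		if swapKey {
			devKey = must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) // plain software key, never attested
		}
		_, err := ca.issue(att, &devKey.PublicKey)
		return err == nil
	}
	return map[string]bool{
		"managed":     enroll(mfr, mfrKey, "C02CONSTRUCTED1", false),
		"unmanaged":   enroll(mfr, mfrKey, "C02UNMANAGED00", false),
		"rogue-root":  enroll(rogue, rogueKey, "C02CONSTRUCTED1", false),
		"foreign-key": enroll(mfr, mfrKey, "C02CONSTRUCTED1", true),
	}
}

func main() {
	fmt.Println(demo())
}
```

Run it with `go run`; `demo()` maps each case to whether a certificate was issued, and only the managed device attested by the pinned manufacturer root gets one. The ordering of checks is deliberate: the chain verification against the pinned root runs first, so an attestation from any other signer fails before the CA spends an MDM lookup on it, and the comparison of the CSR key with the attested key closes the gap the page's "hardware-locked keys" claim depends on, since without it a software key could borrow a genuine device's attestation.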
Why Teams Are Switching from SCEP to ACME Device Attestation
ACME Device Attestation eliminates the weakest link in enterprise PKI — the shared secret — and replaces it with cryptographic proof anchored in hardware. Here is what your security team gains from day one.
Hardware-Bound Identity
Private keys are generated and stored inside the device's Secure Enclave or TPM. They cannot be exported, copied, or used from any other machine — even if the device is fully compromised at the OS level.
Manufacturer-Verified Trust
Attestation is validated against Apple or Google's Root CA. You are not trusting a password — you are trusting a cryptographic chain of custody from the silicon manufacturer to your CA.
Zero Shared Secrets
No SCEP password to manage, rotate, or accidentally leak in a log file, Git repository, or MDM configuration profile. Enrollment is entirely cryptographic from start to finish.
MDM Inventory Integration
BastionXP cross-references the device's Serial Number and UDID against your corporate asset register in Jamf, Intune, or FleetDM before issuing any certificate — blocking rogue device enrollment.
Automated Short-Lived Certificates
Certificates auto-renew via ACME before expiry. No manual intervention, no helpdesk tickets for expired certificates, and no long-lived credentials left behind on decommissioned devices.
Cross-Platform Support
Works natively with Apple iOS 16+, macOS, and modern Android devices. Certificates issued via ACME Device Attestation can be used immediately for EAP-TLS Wi-Fi (WPA2-Enterprise, WPA3-Enterprise), IKEv2 VPN, and mTLS — enabling passwordless network access across your entire fleet.
Your Questions, Answered
Need help? Check out our FAQs for instant answers to the most common questions about ACME Device Attestation and BastionXP.