mirror of
https://github.com/outbackdingo/certificates.git
synced 2026-01-27 10:18:34 +00:00
cd78b9fd43
Apparently the macOS SCEP client sends a SCEP message in the query that's not fully escaped. Only the base64 padding is escaped, the '+' and '/' characters aren't. This is a bit of a special case, because the macOS SCEP client will default to using HTTP POST for the PKIOperation. But if the CA is configured without the POSTPKIOperation capability, the macOS SCEP client will use HTTP GET instead. This behavior might be the same on iOS.