Windows network requirements
See below for the network requirements for all Windows devices in an Active Directory forest.
- Device outbound access to the Entrust WSTEP service
- Device outbound access to the Entrust certificate validation services
ℹ Connection to the Windows domain is not a requirement for certificate enrollment. After fulfilling the requirements below, domain-joined devices can enroll for certificates even when not connected to the same network as the Windows domain.
Device outbound access to the Entrust WSTEP service
Grant any device access to Entrust PKIaaS.
| Region | URI | Target port | Protocol | Application |
|---|---|---|---|---|
| EU | wstep.eu.PKIaaS.entrust.com |
443 | TCP | HTTPS |
| US | wstep.PKIaaS.entrust.com |
443 | TCP | HTTPS |
Device outbound access to the Entrust certificate validation services
Grant any device access to the following Entrust certificate validation services
| Service | Target port | Protocol | Application |
|---|---|---|---|
| Entrust PKIaaS Certificate Revocation Lists | 80 | TCP | HTTP |
| Entrust PKIaaS OCSP service | 80 | TCP | HTTP |