3 Protocol Details

The Health Certificate Enrollment Protocol is a simple request-response protocol. The Health Certificate Enrollment Protocol allows a network endpoint to obtain digital certificates. These certificates are conditionally issued based on the compliance of that endpoint with security policy defined for the network.<18>

The health certificate enrollment agent (HCEA) sends a Health Certificate Enrollment Protocol request and the HRA responds with a Health Certificate Enrollment Protocol response. The protocol is used by the HCEA to obtain a health certificate based on its compliance with the security policies defined for the network. The protocol is always a single Health Certificate Enrollment Protocol request followed by a single Health Certificate Enrollment Protocol response, as shown in the following diagram.

Figure 3: Health Certificate Enrollment Protocol single request and response