Effective February 1, 2024, Microsoft Cloud PKI is available and part of the Microsoft Intune Suite.
Also, effective March 1, 2024, Microsoft Cloud PKI is purchasable as an add-on license for both enterprise and government customers.
What is Microsoft Cloud PKI?
Microsoft Cloud PKI is a cloud-based service that simplifies and automates certificate management for organizations. With Cloud PKI, you will no longer have to deploy, configure and manage on premises servers or procure hardware. You will be able to create multiple certification authorities and manage the lifecycle of certificates issued to Intune-managed devices.
Some of the capabilities of Cloud PKI are:
- Simplified Deployment: With Cloud PKI, you no longer need to deploy, configure, and manage on-premises servers or procure hardware. This eliminates the need for lengthy planning, coordination, procurement, and deployment.
- Multiple Certification Authorities: You can create multiple certification authorities and manage the lifecycle of certificates issued to Intune-managed devices.
- Platform Support: At launch, Cloud PKI can issue certificates across platforms, including Windows, iOS, macOS, and Android.
- Automated Lifecycle Management: Cloud PKI handles the full lifecycle of issued certificates, including automatic renewals as expirations approach and revoking certificates for devices that are wiped, deleted, or removed from Intune.
- Certificate-Based Authentication (CBA): Certificates issued by Cloud PKI can be used for CBA use cases, such as accessing Wi-Fi networks, VPNs, Windows Hello for Business, and Microsoft 365 apps.
- Single Pane of Glass: Cloud PKI provides a unified view from the cloud for certification authorities, registration authorities, revocation distribution lists, monitoring, and reporting.
How do I activate Cloud PKI?
Global and billing administrators can use the centralized experience (Intune add-ons) in the Intune Admin Center to easily access trial licenses (up to 250 users for 90 days) and licenses to purchase.
Follow these steps to have a look into your Cloud PKI dashboard in Intune:
- Open the Intune Admin Center
- On the left side, go to “Tenant administration“
- On the new sidebar, click on “Cloud PKI” (previously “Tenant PKI”; if the name change is not yet reflected in your console, click on “Tenant PKI” instead)
How do I purchase the Microsoft Cloud PKI add-on?
Effective March 1, 2024, enterprise and government customers can purchase the Cloud PKI add-on. It is available as an individual add-on to Microsoft subscriptions that include Intune Plan 1, which are:
- Microsoft 365 E3, E5, F1, F3, Business Premium, and Government G5, G3
- Enterprise Mobility + Security E3, E5
- Microsoft Intune for Education
The Microsoft Cloud PKI add-on is available through the following programs (to be confirmed on March 1, 2024):
- Enterprise Agreement (EA)
- Enterprise Subscription Agreement (EAS)
- Enrollment for Education Solutions (EES)
- Microsoft Customer Agreement (MCA)
Contact us for expert services on your specific Microsoft agreements, more information and to request a quote.
Which Microsoft Intune add-ons are available?
Some Intune capabilities are available to buy as a standalone add-on, while others are only available with Intune Plan 2 or the Intune Suite. The following table provides a list of add-on capabilities and associated Intune Plans:
Capability | Standalone add-on | Intune Plan 2 | Intune Suite |
Endpoint Privilege Management | ✔️ | ✔️ | |
Enterprise App Management | ✔️ | ✔️ | |
Advanced Analytics | ✔️ | ✔️ | |
Cloud PKI | ✔️
(starting March 2024) |
✔️ | |
Remote Help | ✔️ | ✔️ | |
Microsoft Tunnel for Mobile Application Management | ✔️ | ✔️ | |
Firmware-over-the-air update | ✔️ | ✔️ | |
Specialized devices management | ✔️ | ✔️ |
How could an architecture with Cloud PKI look like?
The illustration below shows a possible architecture with Cloud PKI, managing certificates in Microsoft Azure, to help you better understand, how it all connects.
More information
For the announcement article, please visit: https://techcommunity.microsoft.com/t5/microsoft-intune-blog/microsoft-cloud-pki-launches-as-a-new-addition-to-the-microsoft/ba-p/3982830.
For the product page, please visit: https://www.microsoft.com/en-us/security/business/endpoint-management/microsoft-cloud-pki.
For an interesting webcast on Cloud PKI, please visit: https://techcommunity.microsoft.com/t5/endpoint-management-events/coming-to-the-microsoft-intune-suite-microsoft-cloud-pki/ev-p/3971696.
For software licensing information on Microsoft licensing programs, please visit: https://www.schneider.im/software/microsoft/.
Please contact us for expert services on your specific Microsoft agreements, more information and to request a quote.
Get Expert Services now.
Contact SCHNEIDER IT MANAGEMENT for Expert Licensing Consultancy and request a Personalized Quote for Your Organization immediately.
- Trusted by 100+ Businesses
- Risk-Free
- Expert Services
- Incredible Customer Service
- Best Licensing Conditions
Yes, I want expert licensing consultancy for my company
Here is my information