If you have just upgarded to MobileIron CORE Version 8.0 and you are finding that your SCEP Certificates are not being generated it is likely you are experiencing this error:
To fix this issue, use the IP Address of the SCEP server instead of the URL.
Now, why do we need to do this? It is most likely because the URL does not have a TLD (top level domainname) in it. i.e. scep.mobilitycompany.intranet or scep.mobility.lan instead of scep.mobility.com for example.
If you are worried about pushing out certs again and having users re prompted to install/enter passwords for their use case i.e. in a VPN or WiFi profile, then contact your Mobility Partner (aka Mobile Mentor) and have a MobileIron support ticket raised to have the DB modified through Devshell.