SCEP Cert auto renewal via MDM

Hello, We’re using BigFix MDM to push a SCEP certificate. It is a custom policy using the Windows SCEP Username Template. We then update the SCEP URL, Challenge and Thumbprint and deploy the policy.

This works fine however a number of our users have reported back that the certificate is expiring.

I went back and confirmed that the expiry is set to 1 year which we can change however we would prefer to keep the 1 year expiry and instead have it auto renew 1 month out from expiry. Is this possible?