Jump to content


Sinimini

Certificate for Distribution Point

Recommended Posts

Hi

 

i have one sccm server with systems roles MP and DP and i would like to change communication to https.

For this i need to request Certificates. One with Site System with IIS (Server Auth) and one for the Site System with DP.

Because it's the same namen my first attempt was to issue on certificate with Server and Client Auth and install it on my Server.

 

Now i get to the point where i have to change DP from HTTP to HTTPS and change the Selfsigned certificate to PKI certificate.

I am not sure if this is still a good idea to use only one certificate.

Can some explain to me what DP does when the certificate is imported. Is it going to be installed on clients?

 

I've seen that the SelfSigned Certificate is shown under Administration > Security > Certificates but i couldn't see thsi certificate on a client.

Share this post


Link to post
Share on other sites

So when i use a Task Sequenz and the client doesn't have installed a valid Certificate the DP uses this certificate for the client without installing it on the client?

I was already thinking about implementing a step in my OS Deployment where i would have to install Certificates before i join my domian, so i wouldn't have to do that

Share this post


Link to post
Share on other sites

I have changed my DP and MP to https and imported my client cert to my dp as pfx file.

My software deployment works fine but i have some issues with my OS Deployment.

 

The Windows PE mode starts and i can install OS. I have tested without my imported cert and i coudn't get past this point.

Then i get stucked at that point where SCCM Agent is installed. I can see that the agent is installed but not correctly.

I can't see the the assigend MP or witch Client Certificate is used. So the Task Sequenz is not continued.

My understanding is that my imported cert is used for the pxe mode then when i join domain i get cert from my ad and this is used for fuhter steps.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.