Professional Documents
Culture Documents
Deploying Web Server Certificate For Site Systems
Deploying Web Server Certificate For Site Systems
Deploying Web Server Certificate for Site Systems that Run IIS
Basically in this post we will be performing the following steps
1) Creating and Issuing the Web Server Certificate Template on the Certification Authority
This certificate is used to encrypt data and authenticate the server to clients. It must be installed externally from
Configuration Manager on site systems servers that run IIS and that are configured in Configuration Manager to use HTTPS.
Run the mmc.exe command. In the empty console, click File, and then click Add/Remove Snap-in.In the Add or Remove
Snap-ins dialog box, select Certificates from the list of Available snap-ins, and then click Add. In the Certificate snap-in
dialog box, select Computer account, and then click Next. In the Select Computer dialog box, ensure Local computer:
(the computer this console is running on) is selected, and then click Finish. In the Add or Remove Snap-ins dialog box,
click OK. In the console, expand Certificates (Local Computer), and then click Personal. Right-click Certificates, click All
Tasks, and then click Request New Certificate.
On Select Certificate Enrollment Policy page, click Next.
On the Request Certificates page, identify the SCCM Web Server Certificate from the list of displayed certificates, and
then click More information is required to enroll for this certificate. Click here to configure settings.
In the Certificate Properties dialog box, in the Subject tab, do not make any changes to the Subject name. This means
that the Value box for the Subject name section remains blank. Instead, from the Alternative name section, click
the Type drop-down list, and then select DNS. In the Value box, specify the FQDN values that you will specify in the
Configuration Manager site system properties, and then click OK to close the Certificate Properties dialog box.
On the Request Certificates page, select SCCM Web Server Certificate from the list of displayed certificates, and then
click Enroll.
On the Certificates Installation Results page, wait until the certificate is installed (the status should show Succeeded),
and then click Finish.
Configuring IIS to Use the Web Server Certificate
The steps that we perform now will configure IIS to use the web server certificate that we had configured in the above
steps. On the member server that has IIS installed, launch the Internet Information Services (IIS) Manager. Expand Sites,
right-click Default Web Site, and then select Edit Bindings.
In the Edit Site Binding dialog box, select the certificate that you requested by using the SCCM Web Server Certificates
template, and then click OK. You have now configured IIS to use the web server certificate.