Wednesday, March 16, 2016

SCCM - Create Client Authentication Certificate for Workgroup machine

Content of ConfigMgrClientCertificateWorkgroup.inf

[NewRequest]
Subject = "CN=WorkgroupServerName"
MachineKeySet = True
Exportable = TRUE
KeyLength = 2048
[RequestAttributes]
CertificateTemplate = ConfigMgrClientCertificateWorkgroup


Certreq -new ConfigMgrClientCertificateWorkgroup.inf ConfigMgrClientCertificateWorkgroup.req

certreq -submit ConfigMgrClientCertificateWorkgroup.req ConfigMgrClientCertificateWorkgroup.cer
Select DomainControllerName

certreq -accept ConfigMgrClientCertificateWorkgroup.cer

Open MMC Certificates Machine and export Cert with private keys

Import New Cert into into Workgroup system certificate store
Import Trusted Root Cert - Local-CA

Install CCMSetup with following command line

ccmsetup.exe SMSSITECODE=P01 DNSSUFFIX=domain.co.uk /UsePKICert /NOCRLCheck CCMHOSTNAME="IBCM.domain.co.uk"

Open LocationServices.log and look for the following entry

LSUpdateInternetManagementPoints: Successfully refreshed internet MPs from MP ibcm.domain.co.uk.

No comments:

Post a Comment