Deploy PKI Certificates for SCCM Step by Step Guide

Deploy PKI Certificates for SCCM 2012 R2 Step by Step Guide – This is a Step by Step Guide to Deploy PKI Certificates for SCCM.

This step-by-step example deployment uses a Windows Server 2012 R2 certification authority (CA). we will deploy public key infrastructure (PKI) certificates that Configuration Manager uses.

These procedures use an enterprise certification authority (CA) and certificate templates. The steps are appropriate for a test network only, as a proof of concept. I will be adding few more posts related to the PKI certificates as I work on it.

Part 1 : PKI requirements for SCCM 2012 R2

Part 2: Deploying Web Server Certificate for Site Systems that Run IIS

Part 3 : Deploying the Client Certificate for Windows Computers

Part 4 : Deploying the Client Certificate for Distribution Points

Part 5 : How to deploy Client Certificate for Mac Computers

Part 6 : How to install SCCM client agent on Mac Computers

Download All PKI Setup Guides – Download Link

8 thoughts on “Deploy PKI Certificates for SCCM Step by Step Guide”

  1. Hi Prajwal, great tutorial! thank you.
    So for workgroup client deployment I changed install parameter of sccm client because it couldn’t connect to MP on SSL port.
    In LocationServices log I found following row:
    Skipping DNS record of port 443 as it is not compatible with Client
    The magic parameter is CCMHTTPSSTATE=31 (I don’t know what this parameter exactly is …)
    Final string for client installation:
    ccmsetup.exe /source:”C:\Temp\Client” SMSSITECODE= SMSMP= DNSSUFFIX= CCMHTTPSSTATE=31

  2. after attempting all these recommended steps, clients are not communicating and PKI certificate is not showing in control panel conf manager client


Leave a Comment