SCCM 2007 Native Mode – PKI Certificate

Environment: Testing server for SCCM 2007 in Native mode on Server 2008. IIS, SQL Express 2005 SP2 and WSUS 3.0 already installed.

Steps to setup PKI for Native mode

  1. Get some coffee, maybe a sandwich and set your phone to ignore all calls, follow step 3 like your life depended on it.
  2. Add Active Directory Certificate Services Role via Server Manager:
  3. Step-by-Step Example Deployment of the PKI Certificates Required for Configuration Manager Native Mode: Windows Server 2008 Certification Authority:

Minor issues I encountered – Sitesigning.ini

  1. Use the Copy Code link which is available only in Internet Explorer (really Microsoft?), or ensure you have a clean copy with no spaces or changed characters. I copy pasted the code via Chrome and it failed (likely a PEBKAC issue… do ya think?).
  2. Whatever Template Display Name you choose in the Certificate Template MMC make sure to remove all spaces in the sitesigning.ini file:
    The exercise example “ConfigMgr Site Server Signing Certificate”  becomes  “ConfigMgrSiteServerSigningCertificate”
    “My SCCM Server Cert” needs to be  “MySCCmServerCert”

SCCM Native Mode Site Certificate

SCCM Native Mode Site Certificate

SCCM Native Mode Site Certificate

Leave a Reply

Your email address will not be published. Required fields are marked *