Home > Uncategorized > PKI Certificates for Configuration Manager 2012 R2 – Part 4/4 (Converting Roles)

PKI Certificates for Configuration Manager 2012 R2 – Part 4/4 (Converting Roles)

Welcome to part 4 of 4 in PKI Certificates for ConfigMgr 2012 and converting the environment from http to https. In this Post I will continue to show the Step-by-Step process (found here) for configuring and requesting the certificates that will be used with the Configuration Manager 2012 R2 environment and the clients.

For the links to all the parts of this series see below

Part 1 – Web Server Certificate

Part 2 – Client Certificate for Windows Computers

Part 3 – Distribution Points

Part 4 – Converting Roles (You are here)

 

Creating and Issuing a Custom Workstation Authentication Certificate Template on the Certification Authority

Now that we have the certificates in place, we can convert the roles from HTTP to HTTPS for that added layer of security.  From the administration pane browse to Site Configuration. Under Site Configuration, select Servers and Site System Roles.

Click the server(s) that have roles that will need to be converted. In this example I have only one server.

The roles that I will be converting are:

Application Catalog Web Service Point

Application Catalog Website Point

Distribution Point

Management Point

Software Update Point

 

 Application Catalog web service point

 

The option to change this from HTTP to HTTPS is grayed out. Uninstall and reinstall the role selecting HTTPS. Doing so will not convert the Application Catalog Website Point role. You will need to repeat this procedure for that role as well.

 

image

Application Catalog website Point

The option to change this from HTTP to HTTPS is grayed out. Uninstall and reinstall the role selecting HTTPS.

Distribution Point 

Open the General tab of the Distribution Point Properties.

image

Click Import Certificate. Specify the certificate for the distribution point and its password. Click Ok.

image

 

Management Point

The Option to change from HTTP to HTTPS is grayed out. I had to uninstall and reinstall the role.

image

Software Update Point

Open the Software update point properties. The ports should already be listed. Click Require SSL communication to the WSUS server. Choose the Client Connection Type that best fits your organization.

image

 

Converting the Site to HTTPS

Click on Site Configuration then Sites. Click on your server and choose properties. Click on the Client Computer Communication tab. Select HTTPS only.

image

Your environment should now be configured to use HTTPS.

Categories: Uncategorized
  1. SM
    December 10, 2014 at 7:58 pm

    Great stuff. Thanks for this!

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: