savage Posted July 14, 2012 Report post Posted July 14, 2012 Found this super post about certificates in sccm 2012: http://msandbu.wordp...m-2012-and-pki/ This is going to be a huge post, but hopefully someone will find it useful for future references In my previous SCCM 2012 post, I showed how-to install SCCM, but not how to configure it for encrypted communication. So out-of-the box SCCM traffic goes unencrypted via HTTP, which is clear text. So if you manage to get inside the LAN, fire up an arpspoof or macof (or any other MITM method) you can read the traffic going back and fourth from the client to the site servers. So therefore I’m going to show you how to install your very own Microsoft PKI infrastructure and how you enroll the different types of Certificates that you need in order for SCCM to encrypt traffic. Before I start, I want to show you how I designed my lab for this demo. This is in a fully virtual lab environment, much of the setup I do here is not “Best Practice” but in order to make this post readable, I wanted to keep it as short as I possibly could. I have excluded much of the setup regarding CRL, OSCP and config files (If you are unfamiliar with these terms go to this page http://technet.micro...393(WS.10).aspx ) Quote Share this post Link to post Share on other sites More sharing options...
