Forum Discussion

Brass Contributor

Sep 04, 2020

Solved

SCCM - HTTPS or HTTP communication

Hi! I have a current SCCM setup that runs on an HTTP comms (MP, SUP DP). Then recently i switch the MP and DP to HTTPS configured certificates. Do i have to enroll client certificates to the work...

Michiel Overweel
Sep 04, 2020
christian31 For HTTPS communication between clients and site system roles such as management points and distribution points, clients require a valid workstation authentication certificate. See Plan for security in Configuration Manager and PKI certificate requirements for Configuration Manager for more information.

Anoop C Nair

MVP

Jun 15, 2022

christian31

It's not easy to PKI https just for SCCM DP. This is not because of the SCCM complex scenario but rather the complex setup and cert templates that you need for PKI root and intermediate client/server certs that you need to deploy ... more over maintaining (revocation, etc) in a VPN work from home kind of a scenario.

I have seen challenges to get the correct certs created using the correct templates and then deploying them. Maintaining the certs is another big headache 🙂

I tried to explain this long back - https://www.anoopcnair.com/setting-up-https-mp-sup-sccm-site-systems/

But if you ask me I would go with the eHttp option for SCCM secured communication.

Mac Support for SCCM is going away anyways so better to migrate those mac computers to some other device management solution.