20- Configuration Manager HTTPS Communication and PKI Certificate Part 2

We already created Web Server certificate in Part1. It is now time to create client certificates. Log on to Certification Authority console, right click Certificate Templates and then select Manage. 

 

Right click on Workstaation Authentication and Select Duplicate Template

 

 

Choose windows Server 2003 Enterprise

 

Give your template a name, I name it ConfigMgrClientCert

 

 

 

Select Security Tab, Choose Domain Computers. Make sure Read, Enroll and AutoEnroll permissions are given. Click OL and close the properties of this new template. Close Certificate Templates Console.

 

 

On Certification Authority console, right click Certificate Template and choose New/Certificate Template to Issue

 

Select the Client Certificate we just created and click OK.

 

 

 

 

 Group Policy Configuration For Client Certificate:

 Log on to Domain Controller and start Group Policy Management. Right click the domain and choose Create a GPO in this domain and Link it here.

 

 

Give a  relevant name to this GPO and Edit the new GPO.

 

Open the Certificate Services Client - Auto - Enrollment Properties

 

 Select Enabled options and make sure you check both checkboxes.

 

Close Group Policy Managent. That is all we need to do for Client certficate. In Part 3, I will show how to create a Client Certificate for Distribution Points.

 

© selimatmaca.com. All Rights Reserved.