Mutual Authentication for SCOM Part 3: Prepare Gateway /DMZ server for Mutual Authentication

Yo-ho-ho,

this is part 3 of a series about Mutual Authentication for SCOM.

Mutual Authentication for SCOM Part 1: Root CA

Mutual Authentication for SCOM Part 2: Certificate Request

Mutual Authentication for SCOM Part 3: Prepare Gateway /DMZ server for Mutual Authentication

In my previous posts I wrote about how to set up a root CA for MA and how to request the certificate using templates.

In this short post I'll explain what you need to do to set up the gateway / DMZ server.

 

Export the certificate on the SCOM server.

Check “Yes, export the private key”

Make sure that “Include all certificates in the certification path if possible” is checked.

 

Type in a password and click on “Next”.

Give it a name and export it.

Copy certificate.pfx and “MOMCertImport.exe” to the gateway/DMZ/unjoined server. Start mmc, load the Certificates snap-in for the local computer, and import the certificate.

Import the certificate to your Personal Certificate Store.

Finally, import the certificate via MOMCertImport.exe as we did before (in part 2).
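The same export and import can be scripted, with a check of the imported certificate before MOMCertImport.exe is run. This is an added example, not part of the original post; `<server-fqdn>` and `C:\Temp\certificate.pfx` are placeholders, and the check assumes the usual SCOM requirement that the certificate carries both the Server Authentication and Client Authentication EKUs.

```powershell
# Added example. <server-fqdn> and C:\Temp\certificate.pfx are placeholders.

# --- On the SCOM server: export with private key and certification path ---
$pw   = Read-Host -AsSecureString -Prompt 'PFX password'
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like 'CN=<server-fqdn>*' } | Select-Object -First 1
Export-PfxCertificate -Cert $cert -FilePath 'C:\Temp\certificate.pfx' `
    -Password $pw -ChainOption BuildChain | Out-Null

# --- On the gateway / DMZ server: import into the computer's Personal store ---
# Without -Exportable the private key cannot be exported again from this host.
$pw   = Read-Host -AsSecureString -Prompt 'PFX password'
$leaf = Import-PfxCertificate -FilePath 'C:\Temp\certificate.pfx' `
    -CertStoreLocation Cert:\LocalMachine\My -Password $pw |
    Where-Object { $_.HasPrivateKey } | Select-Object -First 1

function Test-ScomCertificate {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    $ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    # Collect the EKU OIDs straight from the certificate extension.
    $ekus = @($Certificate.Extensions | Where-Object { $_ -is $ekuType } |
        ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value })
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $now   = Get-Date
    [pscustomobject]@{
        Subject       = $Certificate.Subject
        HasPrivateKey = $Certificate.HasPrivateKey
        ServerAuth    = $ekus -contains '1.3.6.1.5.5.7.3.1'
        ClientAuth    = $ekus -contains '1.3.6.1.5.5.7.3.2'
        ValidNow      = ($Certificate.NotBefore -le $now) -and ($Certificate.NotAfter -gt $now)
        ChainTrusted  = $chain.Build($Certificate)   # fails if the root CA is not trusted here
        ChainErrors   = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    }
}

Test-ScomCertificate -Certificate $leaf | Format-List

# Remove the PFX once the import is verified; it contains the private key.
Remove-Item 'C:\Temp\certificate.pfx'
# Then run MOMCertImport.exe as in part 2.
```

If `ChainTrusted` is false, `ChainErrors` gives the reason, for example an untrusted root or a revocation list that cannot be reached from the DMZ.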

If you are setting up the connection for a domain-unjoined server or a DMZ server, this is the point where you are done.

If you want to set up a gateway server, you need to copy “Microsoft.EnterpriseManagement.GatewayApprovalTool.exe” from the SCOM server (“C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server”) to the future gateway server and run the installation, which is pretty much straightforward.

Technet: How to Deploy a Gateway Server

 

 

*Captain


© 2017 IT-Pirate