SCOM can encrypt communication between Management servers, using a certificate. This isn’t mandatory, unless you use Gateway servers, but it is going to make your security team happy. In a previous post I showed how to create a CSR for the appropriate type of certificate. After you submit this to your chosen certificate authority, it will provide you with a certificate, which is awesome, but what do you do with it now?
First, copy the .cer file to your server, then double-click it.
Click Install Certificate
Select Local Machine and click Next
Leave the default and click Next
Click Finish
Now that the cert is installed, you will need to run a program called MOMCertImport.exe. This can be found in the SCOM media you installed from (Support Tools > AMD64 > MOMCertImport.exe).
Double-click the exe and select your new cert from the list. Once you click OK, it will install the cert. I normally reboot the server at that point, but a service restart should suffice.
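
To confirm the result of the steps above, here is a read-only PowerShell check, added as an example (it is not part of the original post or of the SCOM media). It assumes the certificate needs a private key, both the Server and Client Authentication EKUs and the server's FQDN in the subject, and that MOMCertImport records the chosen serial number, byte-reversed, in the ChannelCertificateSerialNumber registry value shown.

```powershell
# Added example: read-only checks, run from an elevated prompt on the SCOM server.
$fqdn       = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
$serverAuth = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$clientAuth = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU
$now        = Get-Date

# 1. Certificates in Local Machine > Personal that are usable for SCOM (assumed criteria).
$usable = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $ekus = @($_.EnhancedKeyUsageList.ObjectId)
    $_.HasPrivateKey -and
    $_.NotBefore -le $now -and $_.NotAfter -gt $now -and
    $_.Subject -match "CN=$([regex]::Escape($fqdn))(,|$)" -and
    $ekus -contains $serverAuth -and $ekus -contains $clientAuth
})

if ($usable.Count -eq 0) {
    # Most common cause: the .cer was imported on a machine that does not hold the CSR's private key.
    Write-Warning "No usable certificate for $fqdn in LocalMachine\My. Check the private key, EKUs and validity dates."
}

# 2. Serial number recorded by MOMCertImport (assumed location; bytes are stored reversed).
$regPath = 'HKLM:\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings'
$raw = (Get-ItemProperty -Path $regPath -ErrorAction SilentlyContinue).ChannelCertificateSerialNumber
$configured = $null
if ($raw) {
    $bytes = [byte[]]$raw.Clone()
    [array]::Reverse($bytes)
    $configured = ($bytes | ForEach-Object { $_.ToString('X2') }) -join ''
}

# 3. Report each candidate and whether it is the one SCOM is configured to use.
$usable | Select-Object Subject, Thumbprint, SerialNumber, NotAfter,
    @{ Name = 'SelectedBySCOM'; Expression = { $_.SerialNumber -eq $configured } }

if (-not $configured) {
    Write-Warning 'No certificate serial is registered; MOMCertImport.exe has not completed successfully.'
} elseif ($usable.SerialNumber -notcontains $configured) {
    Write-Warning "SCOM is configured for serial $configured, which is not a usable certificate in LocalMachine\My."
}
```

If the selected certificate is listed with SelectedBySCOM set to True, restart the service (or reboot) as described above so the new certificate is loaded.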