Apply new certificate to SCOM 2012 R2 Management server


SCOM can encrypt communication between Management servers using a certificate. This isn’t mandatory unless you use Gateway servers, but it is going to make your security team happy. In a previous post I showed how to create a CSR for the appropriate type of certificate. After you submit this to your chosen certificate authority, it will provide you with a certificate, which is awesome, but what do you do with it now?

First, copy the .cer file to your server, then double-click it.

[Screenshot: untrusted cert]

Click Install Certificate

[Screenshot: start of certificate wizard]

Select Local Machine and click Next

[Screenshot: pick store location of cert]

Leave the default and click Next

[Screenshot: complete certificate wizard]

Click Finish

Now that the cert is installed, you will need to run a program called MOMCertImport.exe. This can be found in the SCOM media you installed from (Support Tools > AMD64 > MOMCertImport.exe).

Double-click the exe and select your new cert from the list. Once you click OK, it will install the cert. I normally reboot the server at that point, but a service restart should suffice.

[Screenshot: select cert]
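
A pre-flight check for the certificate you are about to pick in MOMCertImport.exe, as an added PowerShell example that is not part of the original post. It assumes the certificate is in the Local Machine Personal store (`Cert:\LocalMachine\My`) and that its subject CN is the server's FQDN; `Test-ScomCertificate` is a hypothetical helper name.

```powershell
# Added example: validates a certificate before it is selected in MOMCertImport.exe.
function Test-ScomCertificate {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory = $true)]
        [string]$ExpectedFqdn   # assumption: the subject CN is the server's FQDN
    )
    $problems = @()

    # Without the private key from the CSR the server cannot authenticate itself.
    if (-not $Certificate.HasPrivateKey) { $problems += 'no private key' }

    # Validity window.
    $now = Get-Date
    if ($now -lt $Certificate.NotBefore -or $now -gt $Certificate.NotAfter) {
        $problems += 'outside validity period'
    }

    # Mutual authentication needs both Server Authentication and Client Authentication EKUs.
    $ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    $ekuExt  = $Certificate.Extensions | Where-Object { $_ -is $ekuType }
    $oids    = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
    foreach ($oid in '1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2') {
        if ($oids -notcontains $oid) { $problems += "missing EKU $oid" }
    }

    # Subject CN should match the name other servers use to reach this one.
    $cn = $Certificate.GetNameInfo('SimpleName', $false)
    if ($cn -ne $ExpectedFqdn) { $problems += "subject CN '$cn' is not $ExpectedFqdn" }

    # The chain must build to a root this machine trusts.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    if (-not $chain.Build($Certificate)) {
        $problems += 'chain: ' + (($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', ')
    }

    [pscustomobject]@{
        Thumbprint = $Certificate.Thumbprint
        Subject    = $Certificate.Subject
        Ok         = ($problems.Count -eq 0)
        Problems   = $problems -join '; '
    }
}

# Check every certificate in the Local Machine Personal store.
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
Get-ChildItem Cert:\LocalMachine\My |
    ForEach-Object { Test-ScomCertificate -Certificate $_ -ExpectedFqdn $fqdn } |
    Format-List
```

Run it from an elevated PowerShell session; a certificate that reports `Ok : False` should be fixed before it is selected in MOMCertImport.exe.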