Monday, August 25, 2008

SCOM: New certificates tool from the OpsMgr Product team

"CertGenWizard.exe is a wizard tool which will take your CA information as
input (it isn't required if you are running the wizard on the box with the CA),
take in the computer names (has to be FQDNs), and send out a request for the
certificates you need. Now, you no longer have to fill out the Certificate
Request form or enter parameters or connect to the web enrollment service.
Once the certificates are approved, there is a Retrieve button in the
CertGenWizard which will allow you to retrieve the certificates that you have
requested. On top of the personal certificates, the wizard will retrieve
the root CA certificate.

The biggest benefit to this tool is the added ability to request multiple
certificates at once. If you have 100 non-domain joined agents that you need to
set up cert auth for, you can simply request all 100 machine certificates at
once, retrieve them all, and manually bring them over to your other machines.

Once you have brought them to your other machines, CertInstaller.exe is a
second tool that will install the certificates into the local machine store of
your computer and run MOMCertImport.exe for you. Note: Install OpsMgr Agent
FIRST and then run the tool!"

http://blogs.technet.com/momteam/archive/2008/08/22/obtaining-certificates-for-non-domain-joined-agents-made-easy.aspx

This tool will make lives easier for all those who need to deploy large numbers of SCOM agents that will require certificates to communicate.

2 comments:

Anonymous said...

Am I the only one experiencing problems with this tool? The certificates generated with the CertGenWizard can't be installed with the installation tools. It gives me the error output "Object or property not found".

Anonymous said...

Hannes - no, you're not, I get exactly the same issue. Any fixes? :-)