this is part 3 of a series about Mutual Authentication for SCOM.
In my previos posts I’ve written about: how to set up root CA for MA and how to request the certificate by the use of templates.
In this short post I’ll try to explain you what you need to do to set up the gateway / DMZ server.
Check “Yes, export the private key”
Make sure that “Include all certificates in the certification path if possible is” checked.
Copy the certificate.pfx and the “MOMCertImport.exe” to the gateway/DMZ/unjoined server. Start mmc load Certificates for local computer and import the certificate
Import the certificate to your Personal Certificate Store.
And finally import the certificate via MOMCertImport.exe like we did it before (in part 2).
If you are about to set up the connection for a domain unjoined server or a DMZ, server this is the point where you are ready.
If you want to set up a gateway server you need to copy “Microsoft.EnterpriseManagement.GatewayApprovalTool.exe” from SCOM Server “C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server” to the future gateway server and run the installation, which is pretty much straight forward.
Technet: How to Deploy a Gateway Server