Issue & Autoenroll Client Authentication Certificate for SCCM Clients

Updated: 5 days ago

A client certificate is required on any computer which need SSL communication with Configuration Manager HTTPS Management Point or SSL Software Update Point.


A client certificate is aslo required on any computer which will be managed via the Cloud Management Gateway ( CMG ) and devices are not Azure AD / Hybrid AD join. It is also required on the server that will host the Cloud Management Gateway connection point.


Let's understand how we can issue a client authentication certificate using Microsoft Active Directory Certificate Services (Publick Key Infrastructure / PKI) and configure auto enrollment via Group Policy.


Table of Contents



Related Posts:


Configure Management Point for HTTPS

Configure Software Update Point for SSL





Issue Client Authentication Certificate from Microsoft PKI


RDP to Certificate Authority Server


On the Certificate Authority console, right click Certificate Template and click Manage.