Thanks Jason, that pretty much confirms what I was thinking. Costs would be high for the amount of clients we'd be managing to buy certs for each.
Sent from my iPhone On Jul 31, 2013, at 1:58 PM, "Jason Sandys" <[email protected]> wrote: > First note, that certs aren’t a requirement for IBCM, they are a requirement > for HTTPS client mode which in turn is a requirement for IBCM. > > Technically, not a problem. A cert is a cert is a cert. As long as the certs > you use meet the requirements outline on TechNet: > http://technet.microsoft.com/en-us/library/gg699362.aspx > > Logistics and money are the typical barrier though: specifically, you need to > purchase and distribute the client certs to every device you need to manage > using HTTPS client communication and IBCM and then you have to renew and > re-issue them when they expire because certs expire. Also note I wrote certS > with a capital S – each client requires its own unique certificate. If you > are only managing 2 clients using IBCM, that’s not too expensive at all, if > you are managing 2,000, that’s pretty expensive. > > J > > From: [email protected] [mailto:[email protected]] > On Behalf Of Jeff Krueger > Sent: Wednesday, July 31, 2013 12:07 PM > To: SCCM List MyItFourm > Subject: [mssms] Using VeriSign certs for IBCM > > Does anyone have any experience with using VeriSign (or other public CA) > certs for their internet based clients? Gathering my facts now for > implementing IBCM with 2012. Unsure of relying on our PKI so looking at the > possiblity of using VeriSign certs. Looking for pros/cons and whether this > is a supported method. > >
