A few companies to "managed" PKI for client certs. http://www.symantec.com/verisign/managed-pki-service
http://www.digicert.com/managed-pki-ssl.htm?gclid=CN_ChtuoobwCFeg-MgodJC8A9A https://www.globalsign.com/enterprise-pki/ Christopher Catlett Consultant | Detroit Sogeti USA Office 248-876-9738 |Fax 877.406.9647 26957 Northwestern Highway, Suite 130, Southfield, MI 48033-8456 www.us.sogeti.com -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dzikowski, Michael Sent: Tuesday, January 28, 2014 11:26 AM To: [email protected] Subject: RE: [mssms] Implement SCCM 2012 encryption with 3rd party CA? 3rd party could be expensive for client certs... -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of John Sent: Tuesday, January 28, 2014 11:03 AM To: [email protected] Subject: [mssms] Implement SCCM 2012 encryption with 3rd party CA? Hi All, We are looking to set up a PKI to enable encryption in the SCCM 2012 environment, but unfortunately, we do not have a local CA. We use a 3rd party (GlobalSign) for our certificates, however, I'm not convinced they can provide the client certificates. Has anyone else managed to get this working with an external CA? I really need to know if this won't work and we're just chasing our tails. Essentially, my concern is this: When we set up a local CA to issue certificates, we do it by creating a template and allowing the clients to auto-enroll for the certificate, if we have a 3rd party CA, how does that mechanism work, if at all? Thanks in advance John
