SCSM : Enabling SSL on IIS 7.0/7.5 with a domain certificate instead of the standard self signed certificate

April 14, 2011 at 8:48 am in SCSM, Service Manager by Kenny Buntinx [MVP]

In System Center Service Manager 2010, you can use the deployment guide procedure to deploy the Service Manager Self-Service Portal. The Self-Service Portal provides two Web sites, a self-service portal used by end users and an analyst portal used to manage change requests and to administer the Self-Service Portal.

To completely deploy the Self-Service Portal, you have to install the Self-Service Portal, install a Secure Sockets Layer (SSL) certificate in Internet Information Services (IIS), and then enable Windows Authentication in IIS. You must deploy the Service Manager management server before you deploy the Self-Service Portal.

To provide security, Secure Sockets Layer (SSL) must be used with the Self-Service Portal. By default SCSM self service portal proposes you to use a self-signed certificate , which will result in an annoying popup “This site is not trusted, are you sure to continue” before getting to the enduser portal . To resolve this , we will use Domain Joined certificates from our PKI server , see the info below :

 

1. Go to IIS and select your server , then go to Server Certificates.

image

2. Once there , please select create domain Certificate , follow the wizard and at the end you will see that the certificate has been requested and created .

image

3. We are not yet there . Now we have to tell the website , what certificate to use . Select the SCSM portal and select bindings

image

4. Once the bindings window opens , select the correct certificate and click ok

image

5. Reboot your IIS and your done .

 

Hope it Helps ,

Kenny Buntinx

Tweet about this on TwitterShare on FacebookShare on Google+Share on LinkedInPin on Pinterest