Hello Everyone,

I have stand-alone primary server and 100 DP’s and having SCCM 2010 version. I want to implement the Bitlocker with configuration manager. The existing MP is set for HTTP communication. The prerequisite for Bitlocker is to set MP for HTTPS communication which requires PKI certificates. My first question here is whether the Web Certificate needs to bind with the IIS on primary server only or  IIS installed on DP’s as well and whether separate Web certificate requires for each primary and DP ?Second question is that post web server installation on primary server whether all site roles i.e. MP, SUP, DP that are configured for HTTP communication needs to be configured for HTTPS communication? Third question is whether the client certificate for Distribution Point needs to be different for each DP ? Fourth and last question is suppose if CA server is not available in the environment then what are the options available to deploy the PKI certificates?

Thank you in Advance !