IIS Create Domain Certificate. You may use this manual for creating SCCM certificate if you have PKI infrastructure (Active Directory Certification Services server role is deployed in your company domain).
1. Login to server with “Internet Information Services” (IIS) (Domain-joined PC). Click “Start” button and find in apps list “Internet Information Services” (IIS);
2. Select your server and go to “Server Certificates”;
I do next actions on another Server with IIS Console.
3. Click “Create Domain Certificate“;
4. Fill in the fields (you must fill in all fields). Common name – enter your destination server FQDN. Click “Next” button;
5. Click “Select” button to select your Central Certification Server;
6. Select Certification Server and click “OK” button;
7. Enter “Friendly name” (FQDN) of your server (for which you make certificate) and click “Finish” button;
8. All good, we can export this certificate and use as we wish, as it Domain Trusted Certificate;