Situation: The client has Microsoft System Center 2019 running. They would like to monitor some untrusted computers located on workgroup and DMZ.
Part 1: Install Certification Authority in Windows Server 2019 . Please refer to this post:
How to install Certification Authority in Windows Server 2019
Part 2: Export and import Certificate of CA . Please refer to this post:
Note: You need to import the certificate to Trusted Root Certification Authorities on each untrusted computer .
Part 3: Create a certificate template and import it on all the managed Server and untrusted computers. Please refer to this post:
Part 4: Generate SCOM Client certificate and import it on all the managed Server and untrusted computers. Please refer to this post:
Part 5: How to install SCOM Agent to untrusted computer. Please refer to this post: