Dear Symantec,
When a company uses Self-Signed certificates in the CeM implementation, to get the Agent to communicate over SSL, the end-client needs to have Trusted Root Certification Authority certificates installed for the PS and the NS.
At the moment, to deploy a CeM Altiris Agent package, it will allow you to sign the package itself with a PFX, but this is not the same. The endpoint installs the Agent from the CeM Agent package, but the end machine does not trust the NS or PSs, because the certificate chain is broken without the Trusted Root Certification Authority certificate being installed. What we have to do is separately install the NS and PS .CERs into the Trusted Root Certification Authorities store separately.
Can we, therefore, also have the capability to include a number of certificates that should be installed in the Trusted Root Certification Authorities store in the installation set, please?