Masterclass Description

This three-day LIVE Online Training event will teach you how to provision and manage on-premises enterprise PKI certificates using Microsoft Intune. The class, presented by Microsoft MVP Richard Hicks, provides a comprehensive overview of certificate services and public key infrastructure (PKI). Participants will learn the importance of certificates , explore common use cases, and examine popular solutions like Active Directory Certificate Services (AD CS) and Microsoft Cloud PKI, in addition to non-Microsoft solutions.

The course covers AD CS certificate templates, revocation, and security considerations. It also discusses Intune certificate deployment options and explores the choice between PKCS and SCEP.

Participants will gain a solid understanding of deploying certificates using PKCS and SCEP, focusing on implementation and security best practices. Troubleshooting issues related to installation, connectivity, and certificate enrollment will also be covered.

Additionally, learners will discover Microsoft Cloud PKI, its licensing requirements, Target Customers, benefits, and limitations. By the end of the program, participants will have a comprehensive grasp of certificate deployment options with Microsoft Intune.

Added Bonus
This LIVE Online Training will provide you access to all the sample scripts used during the training. With these, you can rerun the exercises after completing the training and modify them for use in your environment.


This Masterclass runs for three days and includes:

  • Daily live webinars (with plenty of time for Q&A)
  • Lots of live demonstrations
  • A community of individuals with the same goals
  • A private Facebook group with other participants for sharing reflections, progress, etc.
  • The chance to ask Richard Hicks questions directly in a live training environment


This Masterclass is for YOU if you want to:

  • Master deploying certificates
  • Effectively implement security best practices
  • Establish provisioning and management of on-premises enterprise PKI certificates using Intune
  • Achieve comprehensive understanding of certificate services and PKI

...and so much more!


Prerequisites

Access to a functioning on-premises Active Directory Certificate Services (AD CS) implementation. An Azure subscription with a license for the Microsoft Intune Suite and Intune licenses required for PKCS and SCEP certificate deployment.

Masterclass Schedule

Date and start time for the next Masterclass:

  • May 14-16, 2024, 9:00 AM-4:30 PM Central Time (US and Canada)

This session of the Masterclass will be recorded and made available for participants to view.

Masterclass Outline

Module 1: Overview of Certificates and PKI

  • Why Use Certificates?
  • Common Use Cases
  • Active Directory Certificate Services (AD CS)
  • Microsoft Cloud PKI
  • Other Solutions


Module 2: Active Directory Certificate Services

  • Root CAs
  • Issuing CAs
  • Certificate Templates
  • Revocation
  • Security Considerations


Module 3: Certificates and Intune

  • Overview of the Intune Certificate Connector
  • Public Key Cryptography Standard (PKCS)
  • Simple Certificate Enrollment Protocol (SCEP)
  • Using Imported PKCS Certificates with Intune
  • Trusted Certificates


Module 4: Deploying Certificates Using PKCS

  • CA Configuration
  • Downloading and Installing Certificate Connector
  • Deploying Intune PKCS Device Configuration Profiles
  • Key Storage Provider Selection
  • Subject Name and Application Policy Configuration
  • Security Hardening


Module 5: Preparing for SCEP Certificate Deployment

  • Networking Requirements
  • Certificate Requirements
  • Installing NDES Roles
  • Security Hardening
  • Publishing to the Internet


Module 6: Deploying Certificates Using SCEP

  • CA Configuration
  • Downloading and Installing Certificate Connector
  • Deploying Intune SCEP Device Configuration Profiles
  • Key Storage Provider Selection
  • Subject Name and Application Policy Configuration


Module 7: Troubleshooting

  • Intune Certificate Connector Installation
  • Connectivity Issues
  • Enrollment Issues
  • Revocation
  • Event Logs


Module 8: Overview of Microsoft Cloud PKI

  • Overview of Cloud PKI
  • License Requirements
  • Target Customers
  • Benefits
  • Limitations


Module 9: Deploying Certificates Using Cloud PKI

  • Creating a CA
  • Integrating with On-Premises AD
  • Configuring Certificate Templates
  • Advanced Configuration and BYOCA (Bring Your Own CA)
  • Monitoring Cloud PKI

Masterclass Instructor

Richard Hicks

Richard Hicks is the founder and principal consultant at Richard M. Hicks Consulting, Inc. He is a widely recognized enterprise mobility expert with more than 25 years of experience implementing secure remote access and public key infrastructure (PKI) solutions for organizations worldwide. He understands that providing visibility, control, and assurance for field-based devices is vital to ensuring the highest level of security and productivity for today’s highly mobile workforce.

Richard Hicks

President and Principal Consultant