Install and bind the certificate on the NDES Server

this section explores the following tasks install the ndes certificate bind the ndes certificate in iis configure request filtering bind the certificate in the registry install the certificate perform the following steps to install the ndes certificate on the ndes server, open the windows search bar and look for certlm msc open it in the left toolbar, right click personal and select all tasks > request new certificate on the select certificate enrollment policy page, select \[ active directory enrollment policy ] select \[ next ] select the ndes certificate created earlier, and select \[ more information is required to enroll for this certificate click here to configure settings ] on the certificate properties page, make the following changes for subject name , select \[ common name ] and enter the fully qualified domain name of your ndes server then, select \[ add ] for alternate name , select \[ dns ] and enter the fully qualified domain name of your ndes server then, select \[ add ] select \[ apply ] and then \[ ok ] then select \[ enroll ] bind the certificate perform the following steps to bind the ndes certificate in iis on the ndes server, open the windows search bar and look for internet information services (iis) manager open it expand your server name > sites and then select \[ default web site ] on the right side of the screen, locate edit site and select \[ bindings ] on the site bindings page, select \[ add ] change the type to https and select \[ select ] select the ndes certificate you just installed and select \[ ok ] configure request filtering perform the following steps to configure request filtering in iis on the ndes server, open the windows search bar and look for internet information services (iis) manager open it expand your server name > sites and then select \[ default web site ] locate and select \[ request filtering ] on the right side of the screen, locate and select \[ edit feature settings ] change the max url length and max query string values to 65534 select \[ ok ] bind the certificate perform the following steps to bind the certificate in the registry on the ndes server, open the windows search bar and look for system registry editor open it go to computer\hkey local machine\software\microsoft\cryptography\mscep and locate generalpurposetemplate change the value to the name of your certificate template created for ndes (not the display name ) close the registry editor and restart the ndes server for more information on configuring infrastructure for intune, refer to the microsoft documentation