Let's say that you decide that you want to enable SSL on your Active Directory Rights Management Services (AD RMS) pipelines after AD RMS is provisioned. It is recommended that you decrypt all AD RMS-protected content, re-install and re-provision AD RMS, and then encrypt the content again. However, this is not always possible.
One alternative option is to provision a new AD RMS environment and redirect all of your AD RMS clients to use this new licensing server. Before we see how to do this, there are several assumptions made about your AD RMS environment:
Now, to enable SSL in your AD RMS environment after the AD RMS server has been provisioned, you should follow these steps:
Please note that the rights policy templates and trusted user domains will not be transferred using the steps outlined in this post. Also, the ideal method to enable SSL after AD RMS is provisioned is as follows:
Ed Price MSFT edited Original. Comment: Updated title casing.