http://technet.microsoft.com/en-us/library/cc949119.aspx
That document looks pretty straightforward, but I'm curious about a couple things:
1) Why after you do "To request a trusted certificate from a CA," which is purely an IIS-driven task, do you then use CEICW to install the certificate? The natural thing would be to return to the same place in IIS to use "Process the pending request and install the certificate," wouldn't it?
Could I actually do that instead?
2) The part near the end, which states that "Remote computers...that are joined to the Windows SBS 2003 domain receive certificate updates automatically. However, you must manually install the certificate on computers...that are not members of the domain."
What? That essentially eliminates the advantage of a trusted certificate then if that's the case. Few if any of our remote PCs are joined to the domain. I find it hard to believe that the act of using OWA or RWW wouldn't acquire the certificate automatically as expected regardless. I know that's how, say, RDWeb works in Server 2008, or any IIS site for that matter.