API/PowerShell cmdlet to manage/automate CMG certificate renewals
Companies are looking for alternatives to the large public CA authorities like Verisign and DigiCert, one such alternative is Let's Encypt. They offer free public-signed certificates, the only problem is the certificates need to be renewed every 90 days. The renewal can be automated using Certbot.
However there does not appear to be any functionality in the current ConfigMgr release to allow for automated certificate replacement/renewal. This seems to be a gap in the PowerShell functionality.
Sure its only a few minutes every 90 days to log into the console open up the CMG instance and update the certificate, and this is not an issue if you only have 1 CMG but if you have multiple CMGs or CDPs that need updated certificates this could become very time consuming.
Automation is the key and if we had an ability update these certificates from a PowerShell cmdlet it would help with the whole automation process.