My SCOM 2007 deployment relies heavily on certificates for monitoring non-trusted servers. This is accomplished by deploying customised certificates that are requested from a W2003 CA CertSrv website. W2008 Certificate Services does not allow you to request machine certificates from the web site so getting things to work is a bit more complicated … actually, much more complicated.
The SCOM team has blogged how to get things working. Luckily, they’ve bundled the cert request process into a script.