I have an SCCM 2012 R2 environment where I have a number of non-SSL management points. We want to add one new SSL MP to support a handful of Mac clients. I only want to use certs on the Mac clients and not for the rest of the systems. I have added to the new management point and configured it for https communication for internet clients only. The certs all look okay, but I don't want this cert on every single client. My problem is that whenever I try to do an OSD build through Windows PE, it will sometimes hit that MP and fail because there is no client cert.
I would have thought that it would attempt to use another MP if it couldn't communicate via https due to the cert, but it's just failing altogether. What am I missing? Is there something I need to do to tell the regular clients, and the PXE or PE clients to ignore this MP?