I think that this used to be covered in this forum in posting made in
August, but Thunderbird is telling me that all of those postings have
been deleted.

We have to blow away our ZCM 10 server and start over from scratch. So
we are taking this opportunity to fix all of the problems we made the
first time around.

Can anyone give me a clear lists of reasons you would specify using
external certs or internal certs when setting up ZCM 10 on a SLES 10+SP1

We can go either way, but ultimately we want to choose the option that
will not complicate things for the users and (preferably) the

As far as I can tell, by default the internal cert will expire after 1
year, but there is supposedly a way to set the timeout to something else.

I don't remember the details, but I think someone had pointed out that
one of the two options for certs may affect the way that communication
is handled between the server and the clients. Something about maybe
the user on a computer about to be remote-controlled having to accept
the certificate before a remote control session could be started or