Just a quick post showing how to change the certification pipeline to use SSL after initial install not choosing to secure the URL. This may be the case if you need to request a certificate after initial set up or are waiting on a third party certificate, or just change your mind! The steps to do this are outlined below:
1. Open IIS on the AD RMS server and edit the bindings, add a binding for HTTPS selecting the certificate to use making sure the name matches your cluster URL.
2. Remove the HTTP binding from the list and do an IIRESET.
3. Close and reopen the AD RMS console and ensure in the centre console both URL’s are using HTTPS.
4. If the SCP has already been published in Active Directory you will need to re-publish it so that clients discover the new HTTP’s certification pipeline.