I'm trying to purchase an SSL cert based on documentation for our SCCM server but the FQDN of it is currently something to the effect of sccm.root.com. We don't own root.com and it was setup long ago with that structure. There is a forest migration in process to fix the problem but it will still rename to ourdomain.local. How do I assign a web accessible domain to the SCCM server?
To get a remote configuration certificate issued by one of the certificate authorities you need to prove ownership of the domain you intend to have the certificate issued against. If you do not own "example.com" CA vendors will not issue you a certificate. You can pre-plant a custom hash into your systems that matches an internally generated provisioning certificate, this requires touching the systems with a USB flash drive to plant your customer cert hash into the FW.
MSFT information regarding certificates and SCCM: http://technet.microsoft.com/en-us/library/dd252737.aspx
SCCM quick start guide, see section 4 of the SP2 guide: http://communities.intel.com/docs/DOC-5973
You may actually be able to request and use .local for your provisioning certificate. I just recently went through the process and purchased a provisioning cert for a non-registerable domain from GoDaddy. I just created the CSR using a similar .local domain at it is working perfectly.