Using certificates for System Center Operations Manager (SCOM) Agent authentication is a somewhat cumbersome and error-prone process. This automates the deployment and validation of those certificates. It provides the following ways to validate certificates:
- (Default behavior) Validate that a certificate is configured, that it exists in the local store, and that it is a valid certificate.
- Validate all certificates in the local store, determining which are valid and what is missing from the invalid ones.
- Validate a Personal Information Exchange (PFX) certificate file offline
- Validate a specific certificate in the local policy store based on serial number
It also supports the following deployment scenarios:
- The valid certificate (per SCOM Agent criteria) with the longest expiration
- PFX file
- A specific certificate in the local policy store based on serial number
- Removal of SCOM Agent certificate configuration (does not remove certificate from the machine)
Per request, the ability to request a certificate from Microsoft Enterprise and Standalone CAs has also been added.
It is designed to be usable as a System Center Configuration Manager (SCCM) detection method, so that SCCM can validate and ensure that the client is configured correctly. This functionality is transparent in normal use.
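The default validation described above, written as an SCCM script detection method. This is an added example, not the tool's own code. It assumes the registry value that MOMCertImport writes, the LocalMachine\My store, and the commonly documented agent certificate requirements (both authentication EKUs, subject matching the FQDN, private key present).

```powershell
# Added example. Lines marked ASSUMPTION are not taken from the tool itself.
# ASSUMPTION: the agent keeps the configured certificate's serial number,
# byte-reversed, in this registry value (as written by MOMCertImport).
$RegPath = 'HKLM:\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0\Machine Settings'
$RegName = 'ChannelCertificateSerialNumber'

function Get-ConfiguredSerial {
    $prop = Get-ItemProperty -Path $RegPath -Name $RegName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    $bytes = [byte[]]$prop.$RegName
    if ($null -eq $bytes -or $bytes.Length -eq 0) { return $null }
    [array]::Reverse($bytes)   # stored order is the reverse of the displayed serial
    return -join ($bytes | ForEach-Object { $_.ToString('X2') })
}

function Test-AgentCertificate {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $problems = @()
    $now = Get-Date
    if ($now -lt $Cert.NotBefore -or $now -gt $Cert.NotAfter) { $problems += 'outside validity period' }
    if (-not $Cert.HasPrivateKey) { $problems += 'no private key' }
    # ASSUMPTION: Server and Client Authentication EKUs are both required.
    $ekuExt = $Cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    $oids = @($ekuExt | ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value })
    foreach ($oid in '1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2') {
        if ($oids -notcontains $oid) { $problems += "missing EKU $oid" }
    }
    # ASSUMPTION: the subject name must equal the machine's FQDN.
    $fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
    if ($Cert.GetNameInfo('SimpleName', $false) -ne $fqdn) { $problems += "subject is not $fqdn" }
    if (-not $Cert.Verify()) { $problems += 'chain does not validate' }
    return $problems
}

# SCCM script detection: exit code 0 with any stdout text means "detected";
# exit code 0 with no output means "not detected".
$serial = Get-ConfiguredSerial
if (-not $serial) { exit 0 }                       # no certificate configured
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.SerialNumber -eq $serial } | Select-Object -First 1
if (-not $cert) { exit 0 }                         # configured but not in the store
if (@(Test-AgentCertificate -Cert $cert).Count -eq 0) { Write-Output "Compliant: $serial" }
```

Run interactively, Test-AgentCertificate returns the list of failed checks, which shows what an invalid certificate is missing.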
Reference:
http://blogs.technet.com/b/ken_brumfield/archive/2014/01/06/momcertimport-is-it-all-it-s-cracked-up-to-be.aspx