How do I deploying a self-signed root certificate with a group policy

<< Back to Knowledge Search



Deploying a Self-Signed Root Certificate with Group Policy

  1.  To get a copy of the certificate into a file so that it can be imported into Group Policy, click View Certificate. The certificate is displayed.


  1.   Select the Details tab and then click Copy to File. 


  1. Select Cryptographic Message Syntax Standards (PKCS #7) as the file format and then click Next.


  1.  When prompted for a filename, enter a name with the .p7b extension.
  2. Copy the file to the Windows Server with the Group Policy Management.

Deploying the Certificate with Group Policy

  1. Launch the Group Policy Manager and navigate to the object that corresponds too the policy on which the certificate will be used. I prefer the Default Domain Policy because there is no need to deploy this certificate through the entire enterprise. Right click on the selected object and select Edit.


  1. Select  Computer Configuration > Windows Settings >Security Settings >Public Key Policies.
  2. Right-click the Trusted Root Certification Authorities folder and then select Import.

  1.  In the Certificate Import Wizard, browse to the location of the certificate file you saved to this server and then click Next. The Certificate Store screen displays.

  1. Click NEXT and then click Finish to import the certificate. It now appears in the Group Policy object. The next time a user logs in, these settings will be applied and the certificate will be trusted by Internet Explorer.




Additional Information
Bug Number
InQuira Doc IdFAQ937

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Topic      SSL / HTTPS
Article Number      000010289
Was this helpful?
Previous MonthNext Month