[TUTO] – Certificate: How to deploy a root certificate by GPO

0
273
1 Star2 Stars3 Stars4 Stars5 Stars (Aucun Vote)
Loading...
25 Shares

We will see together in this tutorial how to deploy a root certificate by GPO (Group Policy Object). It is for me one of the quickest and easiest way to deploy your certificates into your domain Active Directory Enterprise. We will focus on configuring a deployment of the certificates in the store “Trusted Root Certification Authorities” but this tutorial will work also for other stores such as:

  • Intermediate Certification Authorities
  • Trusted Publishers
  • Untrusted Certificates
  • etc…

Some documentation on the GPO: https://technet.microsoft.com/fr-fr/library/ee390965(v=vs.85).aspx

 

Note: This tutorial was made under an Active Directory 2016 environment

 

Open the console “Group Policy Management”, create a new GPO, and then edit the.

You are at the level of the console “Group Policy Management editor”, then go in :

  • Computer Configuration
    • Policies
      • Windows Settings
        • Security Settings
          • Local Policies
            • Public Key Policies

 

Click on “Trusted Root Certification Authorities” and then “Import…”.

 

Click “Next”.

 

Click on “Browse”… then get the certificate that you want to deploy.

 

Click “Next”.

 

Check that the certificate is well positioned at the level of the store “Trusted Root Certification Authorities” and then click “Next”.

 

Click “Finish” to end the import.

 

Now you just have to deploy your GPO on a OU where you can find your servers or user workstations.

 

25 Shares
Jérémy Lebon
Fondateur de sys-Advisor.com, Ingénieur de production Informatique dans l'e-commerce mais passionné avant tout, je partage mon quotidien à travers ce site. #sysadmin #microsoft #vmware #tech #geek @sysadvisor Contact Skype Enterprise : jeremy.lebon@sys-advisor.com

LAISSER UN COMMENTAIRE

Please enter your comment!
Please enter your name here