To add a trusted root certification authority to a Group Policy object

1.

Log on to a domain for which you have administrative privileges to manage the Group Policy object that you want to change.

2.

Open the Group Policy object that you want to edit.

3.

In the console tree, click Trusted Root Certification Authorities.

Where?

Policy Object Name  > Computer Configuration > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities

4.

On the Action menu, point to All Tasks, and then click Import. This starts the Certificate Import Wizard, which guides you through the process of importing a root certificate and installing it as a trusted root certification authority (CA) for this Group Policy object.

Note

To open a Group Policy object, see Related Topics.

To use this procedure, you must have administrative privileges for the Group Policy object.

This procedure does not apply to Local Policy objects.

You can import a trusted root certificate from a PKCS #12 file (.pfx, .p12), a PKCS #7 file (.spc, .p7b), a certificate file (.cer, .crt), or a Microsoft serialized certificate store file (.sst).

Related Topics

Open Group Policy as a stand-alone MMC snap-in

Open Group Policy from Active Directory Sites and Services

Open Group Policy from Active Directory Users and Computers

Ways to open the Group Policy snap-in

Policies to establish trust of root certification authorities



© 2014 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies