Tuesday, February 3, 2015

Distribute Certificates via Group Policy


To add certificates to the Trusted Root Certification Authorities store for a domain, use Group Policy to distribute the certificate to every Windows computer on your network. Follow the procedure below to deploy a certificate to multiple computers by using Active Directory Domain Services and a Group Policy object (GPO).

Steps:
  1. Click Start, point to Administrative Tools, and then click Group Policy Management.
  2. In the console tree, double-click Group Policy Objects in the forest and domain containing the Default Domain Policy Group Policy object (GPO) that you want to edit.
  3. Right-click the Default Domain Policy GPO, and then click Edit.
  4. In the Group Policy Management Console (GPMC), go to Computer Configuration, Windows Settings, Security Settings, and then click Public Key Policies.
  5. Right-click the Trusted Root Certification Authorities store.
  6. Click Import and follow the steps in the Certificate Import Wizard to import the certificates.
  7. Click Next in the Certificate Import Wizard.
  8. Click Browse and select the downloaded certificate from the saved location -> click Next -> make sure the 'Place all certificates in the following store' option button is selected and 'Trusted Root Certification Authorities' is the chosen store, click Next -> click Finish.
  9. After a few seconds, a message confirms that the import was successful.
  10. Close the window.
  11. Run gpupdate /force from the command prompt.
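
A root added this way is trusted by every computer the GPO applies to, so it is worth checking the file before step 6 and confirming delivery after step 11. The script below is an added example, not part of the original post; the certificate path and the expected thumbprint are placeholders to replace with your own values.

```powershell
# Added example. $CertPath and $ExpectedThumbprint are placeholders (assumptions),
# not values from the original post.
param(
    [string]$CertPath = 'C:\Temp\root-ca.cer',
    [string]$ExpectedThumbprint = '<THUMBPRINT-CONFIRMED-WITH-CA-OWNER>'
)

$cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($CertPath)
$thumb = $cert.Thumbprint
$now   = Get-Date

# --- Before import (step 6): is this the certificate you intend to trust? ---
$problems = @()
if ($thumb -ne ($ExpectedThumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()) {
    $problems += 'Thumbprint does not match the value confirmed out of band'
}
if ($cert.Subject -ne $cert.Issuer) {
    $problems += 'Subject and Issuer differ: not a self-signed root'
}
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    $problems += "Outside validity period ($($cert.NotBefore) to $($cert.NotAfter))"
}
$bc = $cert.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension]
}
if ($bc -and -not $bc.CertificateAuthority) {
    $problems += 'Basic Constraints says this is not a CA certificate'
}

# --- After gpupdate /force (step 11), on a client computer ---
# Certificates delivered by Group Policy are stored under this policy registry key.
$gpoKey = "HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates\$thumb"

[pscustomobject]@{
    Subject        = $cert.Subject
    Thumbprint     = $thumb
    PreImportCheck = if ($problems) { $problems -join '; ' } else { 'OK' }
    InRootStore    = Test-Path "Cert:\LocalMachine\Root\$thumb"
    DeliveredByGpo = Test-Path $gpoKey
} | Format-List
```

If InRootStore is True while DeliveredByGpo is False, the certificate reached the store by some route other than Group Policy.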

