Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Monday, March 30, 2009 5:37 PM
Hi Guys,
I have the following problem. I want to import certificates in the Intermediate Certification Authorities store of the machine. Since we have alot of computers, I want to be able to do this through group policy or some other automated way. I think through group policy, you can only import certificates on the Trusted root store. Is there any other way?
All replies (2)
Wednesday, April 1, 2009 2:23 AM ✅Answered | 1 vote
Hi,
The functionality to import intermediate CA certificates using group policy is available in Windows Server 2008 but not in Windows Server 2003. For Windows 2003 domain, you could write a script that uses the following command to push out the intermediate CA certificate via group policy. The server will have to be rebooted for this to take effect. As long as the script is run under the System account it should work.
Certutil –f –addstore CA <intermediate CA name>.crt
Note: CA is the programmatic name of the Intermediate Certification Authorities store.
Hope it helps.
Wednesday, April 1, 2009 2:46 AM
Thank you. I wasn't sure if Windows Server 2003 had this ability. I guess it doesn't through group policy. Appreciate all your help.