Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > Patch Manager > Deploy certificates using Group Policy

Deploy certificates using Group Policy

Table of contents

Overview

Use this procedure to deploy a certificate to multiple computers by using the Active Directory Domain Services and Group Policy Object (GPO). This procedure is useful each time a certificate needs to be pushed to clients.

For example, when you need to push a WSUS self-signed or CA-signed certificate to all of your clients before they can trust the published third party packages.

Note: As a minimum requirement, only members of the local administration group (or its equivalent) can perform this procedure.

Environment

  • All Patch Manager versions
  • All WSUS versions
  • All SCCM versions

Steps

  1. Open the Group Policy Management Console.

  2. Find an existing or create a new GPO that contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit whose users you want affected by the policy.

  3. Right click the GPO, and then select Edit.

    The Group Policy Management Editor opens, and displays the current contents of the policy object.

  4. In the navigation pane, open Computer Configuration\Windows Settings\Security Settings\Public Key Policies\Trusted Publishers.

  5. Click the Action menu, and then click Import.

  6. Follow the instructions in the Certificate Import Wizard to find and import the certificate.

  7. If the certificate is self-signed, and cannot be traced back to a certificate that is in the Trusted Root Certification Authorities certificate store, then you must also copy the certificate to that store. In the navigation pane, click Trusted Root Certification Authorities, and then repeat steps 5 and 6 to install a copy of the certificate to that store.

 

 

Last modified
12:15, 19 Jun 2017

Tags

Classifications

Public