Deploying Kerio Control certificate via Microsoft Active Directory

If you use HTTPSHypertext Transfer Protocol - version of HTTP secured by SSL. filtering in Kerio Control and administer your users through Microsoft Active DirectoryA directory service for Windows domain networks., you can deploy a Kerio Control certificate to users' computers via Active Directory. The whole process has two steps:

Deploying root certificate via Active Directory

  1. Log into your Active Directory server as administrator and open the Group Policy Management Console.
  2. Find an existing GPOGroup Policy Object - A collection of settings that define what a system will look like and how it will behave for a defined group of users. or create a new one. The GPO must be associated with the domain, or organizational unit of the computers you want to affect.
  3. Right-click the GPO and select Edit. The Group Policy Management Editor opens, and displays the current contents of the policy object.
  4. Go to Computer Configuration > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities.
  5. Right-click Trusted Root Certification Authorities and select the Import option.
  6. Follow the Certificate Import Wizard to find and import the certificate.

To verify that the certificate is deployed to the workstations:

  1. Choose a workstation joined to the domain and restart it, or execute the command gpupdate /force
  2. Open Internet Explorer > Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities
  3. Verify that your certificate is present.

For detailed information, see Distribute Certificates to Client Computers Using Group Policy.