Deploying Kerio Control certificate via Microsoft Active Directory
If you use HTTPSHypertext Transfer Protocol - version of HTTP secured by SSL. filtering in Kerio Control and administer your users through Microsoft Active DirectoryA directory service for Windows domain networks., you can deploy a Kerio Control certificate to users' computers via Active Directory. The whole process has two steps:
- Exporting a certificate from Kerio Control. For more information refer to Exporting and importing Kerio Control local authority as root certificate.
- Deploying root certificate via Active Directory
Deploying root certificate via Active Directory
- Log into your Active Directory server as administrator and open the Group Policy Management Console.
- Find an existing GPOGroup Policy Object - A collection of settings that define what a system will look like and how it will behave for a defined group of users. or create a new one. The GPO must be associated with the domain, or organizational unit of the computers you want to affect.
- Right-click the GPO and select Edit. The Group Policy Management Editor opens, and displays the current contents of the policy object.
- Go to Computer Configuration > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities.
- Right-click Trusted Root Certification Authorities and select the Import option.
- Follow the Certificate Import Wizard to find and import the certificate.
To verify that the certificate is deployed to the workstations:
- Choose a workstation joined to the domain and restart it, or execute
the command
gpupdate /force
- Open Internet Explorer > Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities
- Verify that your certificate is present.
For detailed information, see Distribute Certificates to Client Computers Using Group Policy.