Deploy the HTTPS Inspection certificate via GPO
For your client machines to access HTTPSHypertext Transfer Protocol over Secure Socket Layer (SSL). sites, a trusted HTTPS Inspection certificate needs to be deployed on client computers.
This feature is not available for GFI WebMonitor installed as a plug-in for Microsoft Forefront TMGMicrosoft Forefront Threat Management Gateway. A Microsoft product that provides firewall and web proxy services. It also enables administrators to manage Internet access through policies. It is the successor of the Microsoft ISA Server and is part of the Microsoft Forefront line of business security software..
Use the Export Certificate functionality to save the certificate to disk, then deploy your certificate to multiple computers using Active DirectoryA technology that provides a variety of network services, including LDAP-like directory services. Domain Services and a Group Policy object (GPOGroup Policy Objects.). A GPO can contain multiple configuration options, and is applied to all computers that are within the scope of the GPO.
To complete this procedure you need Domain AdministratorThe person responsible for installing and configuring GFI WebMonitor. rights.
To deploy a certificate by using GPO:
- Open Group Policy Management ConsoleAn interface that provides administration tools that enable the monitoring and management of Internet traffic..
- Find an existing or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit which users you want affected by the policy.
- Right-click the GPO, and then select Edit. Group Policy Management Editor opens, and displays the current contents of the policy object.
- In the navigation pane, open Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies > Trusted Publishers.
- Click the Action menu, and then click Import.
- Follow the instructions in the Certificate Import Wizard to find and import the certificate.
- If the certificate is self-signed, and cannot be traced back to a certificate that is in the Trusted Root Certification Authorities certificate store, then you must also copy the certificate to that store. In the navigation pane, click Trusted Root Certification Authorities, and then repeat steps 5 and 6 to install a copy of the certificate to that store.