Gail5422790

SSL certificate that does not verify identity

@Gail5422790

Posted in: #Https #Server

(I'm fairly sure I know the answer, but just in case...)

We want SSL on an internal-use webserver, but the usual ones don't work for the usual reasons (not static IP, subdomain issues etc.).

Server identity is not an issue, all we need is an encrypted connection for the slightly-sensitive data. Management's main worry is wifi-sniffing at a cafe. MITM attacks are not a concern (the data involved isn't worth the effort) but the Big Red Warning Page is an issue - the users are just not capable of understanding the issue and adding an exception. This means no self-signed certificates.


1 Comments


@Nimeshi995

You should never need to tell a user to do this and that... Network administration has become almost automated over the last decade. You can push an SSL certification to all machines using Group Policy.


To distribute certificates to client computers using Group Policy


1. On a domain controller in the forest of the account partner organization, click Start, point to Administrative Tools, and then click Group Policy Management.
2. Find an existing Group Policy object (GPO) or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit (OU) where the appropriate user and computer accounts reside.
3. Right-click the GPO, and then click Edit.
4. In the console tree, open Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies, right-click Trusted Root Certification Authorities, and then click Import.
5. On the Welcome to the Certificate Import Wizard page, click Next.
6. On the File to Import page, type the path to the appropriate certificate files (for example, \\adfsresource\c$\adfsresource.cer), and then click Next.
7. On the Certificate Store page, click Place all certificates in the following store, and then click Next.
8. On the Completing the Certificate Import Wizard page, verify that the information you provided is accurate, and then click Finish.
9. Repeat steps 2 through 6 to add additional certificates for each of the AD FS servers.
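
A review step to pair with the procedure above, added here as an example and not part of the original answer or of Microsoft's instructions: before a .cer file is imported into Trusted Root Certification Authorities, inspect what it actually is, and afterwards confirm on a client that the policy delivered it. The `$CertPath` parameter and the report field names are assumptions of this sketch.

```powershell
# Added example: review a certificate file before importing it into a GPO,
# and check whether this computer already trusts it as a root.
# $CertPath is a placeholder; point it at the .cer you plan to import.
param(
    [Parameter(Mandatory)] [string] $CertPath
)

$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
    (Resolve-Path -LiteralPath $CertPath).ProviderPath)

# Basic Constraints says whether this certificate is allowed to sign others.
$bc = $cert.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] } |
    Select-Object -First 1

$now = Get-Date
$report = [pscustomobject]@{
    Subject        = $cert.Subject
    Issuer         = $cert.Issuer
    Thumbprint     = $cert.Thumbprint   # compare with the value from the issuing admin
    SelfSigned     = ($cert.Subject -eq $cert.Issuer)
    IsCA           = [bool]($bc -and $bc.CertificateAuthority)
    SignatureAlg   = $cert.SignatureAlgorithm.FriendlyName
    NotBefore      = $cert.NotBefore
    NotAfter       = $cert.NotAfter
    CurrentlyValid = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
    # True once the certificate is present in this machine's trusted root store.
    InMachineRoot  = Test-Path -Path "Cert:\LocalMachine\Root\$($cert.Thumbprint)"
}
$report | Format-List

if (-not $report.CurrentlyValid) {
    Write-Warning 'Certificate is outside its validity period.'
}
if ($report.IsCA) {
    Write-Warning 'CA certificate: after import, anything signed by its private key is trusted by every machine in the GPO scope. Verify the thumbprint out of band and keep the key protected.'
}
if (-not $report.InMachineRoot) {
    Write-Warning 'Not in LocalMachine\Root on this computer (not imported yet, or policy not applied here).'
}
```

Run it once on the administrator's workstation before the import, and again on a client in the GPO's scope after the policy has refreshed; `InMachineRoot` should then read `True`.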
