In one of our previous posts, we saw what these are Root certificates . There may be times when some companies or users feel the need to manage and configure trusted root certificates to prevent other domain users from setting up their own set. In this post, we’ll see how to manage trusted root certificates and how to add certificates to the Trusted Root Certification Authorities store in Windows 10 / 8.1.
Managing trusted root certificates in Windows
For add certificates to the Trusted Root Certification Authorities store For a local computer, from the WinX menu in Windows 10 / 8.1, open the Run box, type mmc and press Enter to open Microsoft Management Control.
Click the File menu link and select Add / Remove Plugins. Now, in Available settings, click certified , then click Add.
Click OK. In the next dialog box, select Computer account and then Next.
Now select The local team and click Finish.
Now back in the MMC, in the console tree, double-click certified and then right click Shop for trusted root certification authorities . On All tasks , Select to import ..
The Certificate Import Wizard opens.
Follow the instructions in the wizard to complete the process.
Now let’s see how to configure and manage trusted root certificates for a local computer. Open MMC, click the File menu link, and select Add / Remove Snap-in. Now, in Available settings, click Group Policy Object Editor , then click Add. Select the computer whose local GPO you want to edit and click Finish / OK.
Now, back in the MMC console tree, navigate to Local Computer Policy> Computer Settings> Windows Settings> Security Settings. Next Public key policies . Double-click Certificate Path Validation Settings, then select the Stores tab.
Select here Define these policy settings , , , , and , , , , , , , , , and , .
Finally, on the Stores tab> Root Certificate Stores, select an option in Root CA that client computers can trust and click OK. When in doubt, choose the recommended option.
To see how you can manage trusted root certificates for a domain and how Add certificates to the Trusted Root Certification Authorities store for a domain , Visited Technet .
RCC is a free root certificate scanner that can help you scan Windows root certificates to obtain trusted certificates.