Adding Self-Signed PKI to Windows Trusted Certificate Store via Group Policy

Video Link: https://www.youtube.com/watch?v=_pWAkCAOO-w



Category: Tutorial
Duration: 4:01



Full steps can be found at https://i12bretro.github.io/tutorials/0010.html

This is part three of a series on creating your own self-signed PKI and some ways to use the PKI to set up SSL for your web server or create your own OpenVPN server.
 
Disclaimer: I am not a security expert. This is just the easiest way I have found to create and utilize SSL for my homelab services.
 
--------------------------------------------------------------------
Prerequisites
--------------------------------------------------------------------
   - An XCA PKI database: https://youtu.be/ezzj3x207lQ
 
--------------------------------------------------------------------
Exporting Certificates from XCA
--------------------------------------------------------------------
   01. Launch XCA
   02. Open the PKI database if it is not already open (File ≫ Open DataBase), then enter the password
   03. Click on the Certificates tab
   04. Right click the Intermediate CA certificate ≫ Export ≫ File
   05. Set the file name with a .crt extension and verify the export format is PEM (*.crt)
   06. Click OK
   07. Right click the Root CA certificate ≫ Export ≫ File
   08. Set the file name with a .crt extension and verify the export format is PEM (*.crt)
   09. Click OK
 
--------------------------------------------------------------------
Push Certificates Into Windows Certificate Store Via GPO
--------------------------------------------------------------------
   01. Launch Group Policy Management (Control Panel ≫ Administrative Tools ≫ Group Policy Management)
   02. Right click Default Domain Policy ≫ Edit...
   03. Expand Computer Configuration ≫ Policies ≫ Windows Settings ≫ Security Settings ≫ Public Key Policies
   04. Right click Trusted Root Certification Authorities ≫ Import..
   05. Click Next
   06. Click Browse ≫ Select the exported Root CA .crt file ≫ Click Next
   07. Verify Include all extended properties is checked
   08. Click Next
   09. Click Next
   10. Click Finish
   11. Right click Intermediate Certification Authorities ≫ Import..
   12. Click Next
   13. Click Browse ≫ Select the exported Intermediate CA .crt file ≫ Click Next
   14. Verify Include all extended properties is checked
   15. Click Next
   16. Click Next
   17. Click Finish
   18. Close the Group Policy Management Editor window
   19. Force a Group Policy update: right click the Start button ≫ Run ≫ cmd
   20. Type gpupdate /force
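
A check to run on a domain-joined client after gpupdate /force, added here as an example and not part of the original tutorial: it confirms that the two exported certificates are CA certificates, that they are present in the machine's Trusted Root and Intermediate stores, and that they arrived there through Group Policy rather than a manual import. The two file paths and the function name Test-GpoCertificate are assumptions; substitute the files you exported from XCA.

```powershell
# Added example. Both paths are placeholders for the files exported from XCA.
$RootCrt         = 'C:\pki\root-ca.crt'
$IntermediateCrt = 'C:\pki\intermediate-ca.crt'

function Test-GpoCertificate {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [ValidateSet('Root', 'CA')] [string] $Store
    )
    # Load the exported PEM file and find its Basic Constraints extension.
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($Path)
    $bc = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension]
    }
    # Certificates delivered by Group Policy are stored under this policy key.
    $policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\' +
                 "$Store\Certificates\$($cert.Thumbprint)"
    [pscustomobject]@{
        Store      = $Store
        Subject    = $cert.Subject
        Thumbprint = $cert.Thumbprint
        NotAfter   = $cert.NotAfter
        IsCA       = [bool]($bc -and $bc.CertificateAuthority)
        SelfSigned = ($cert.Subject -eq $cert.Issuer)
        Expired    = ($cert.NotAfter -lt (Get-Date))
        InStore    = Test-Path "Cert:\LocalMachine\$Store\$($cert.Thumbprint)"
        FromGpo    = Test-Path $policyKey
    }
}

# 'Root' is Trusted Root Certification Authorities,
# 'CA' is Intermediate Certification Authorities.
$root         = Test-GpoCertificate -Path $RootCrt -Store Root
$intermediate = Test-GpoCertificate -Path $IntermediateCrt -Store CA
$root, $intermediate | Format-List

# A root CA is self-signed; an intermediate is not. A mismatch usually
# means the two files were imported into the wrong stores.
if (-not $root.SelfSigned)   { Write-Warning 'Root file is not self-signed.' }
if ($intermediate.SelfSigned) { Write-Warning 'Intermediate file is self-signed.' }

foreach ($r in $root, $intermediate) {
    if (-not $r.IsCA)    { Write-Warning "$($r.Subject): not marked as a CA." }
    if ($r.Expired)      { Write-Warning "$($r.Subject): expired $($r.NotAfter)." }
    if (-not $r.InStore) { Write-Warning "$($r.Subject): missing from $($r.Store) store." }
    if (-not $r.FromGpo) { Write-Warning "$($r.Subject): not delivered by Group Policy." }
}
```

Compare the printed thumbprints with the ones XCA shows for the same certificates before relying on the result.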
 








