There are several ways of assigning a certificate to an endpoint. One way is to
assign it by using a Microsoft Group Policy, which is described in this section. If
you want to use a different method, make sure that the certificate is stored in the
local machine certificate store.
To assign a certificate by using Group Policy:
- Open Group Policy Management console
- Create a new group policy object (GPO) to contain the certificate settings.
Ensure that the GPO is associated with the domain, site, or organizational unit
which contains the users you want to manage with the policy.
- Right-click the GPO, and then select Edit.
Management Editor opens, and displays the current contents
of the policy object.
- In the navigation pane, open Computer Configuration >
Windows Settings > Security
Settings > Public Key Policies >
- Click the Action menu, and then click
- Follow the instructions in the Certificate Import Wizard
to find and import the certificate.
- If the certificate is self-signed, and cannot be traced back to a certificate
that is in the Trusted Root Certification Authorities certificate store,
then you must also copy the certificate to that store. In the navigation pane,
click Trusted Root Certification Authorities, and then repeat steps 5 and
6 to install a copy of the certificate to that store.