Creating GPO to Deploy Webroot SSL Certificates for IE and Chrome
To create GPO to deploy Webroot SSL certificates:
- Log onto your Windows Domain Controller with Domain Admin, Enterprise Admin, or equivalent.
- Start the Group Policy Management snap-in.
- Right-click the Domain or Organizational Unit where you want the Group Policy Object created and select Create a GPO in this domain, and Link it here.
The New GPO window displays.
- In the Name field, enter a name for the GPO that identifies that this is for Webroot SSL IE and Chrome management. For example, name it Webroot SSL Certificate - iE and Chrome.
- Click the OK button.
- In the console tree, select Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies.
- Right-click Trusted Root Certification Authorities and select Import.
The Certificate Import Wizard window displays.
- Click the Browse button, and navigate to where you extracted the Webroot SSL Certificate files.
- Select the ca.live.crt file and click the Open button.
- Click the Next button.
- Do both of the following:
- Verify that the Place all certificates in the following store radio button is selected.
- Ensure the Certificate store field displays Trusted Root Certification Authorities.
- Click the Next button.
- Go back to the console tree, and select Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies.
- Right-click Intermediate Certification Authorities and select Import.
The Certificate Import Wizard window displays.
- Click the Browse button, and navigate to where you extracted the Webroot SSL Certificate files.
- Select the ia.live.crt file and click the Open button.
- Click the Next button.
- Do both of the following:
- Verify that the Place all certificates in the following store radio button is selected.
- Ensure the Certificate store field displays Intermediate Certification Authorities.
- Click the Next button.
- Verify the settings, and click the Finish button.
