Creating a Group Policy Object for the WSTEP certificate chain

The recommended method to configure a certificate chain trust is to create a Group Policy Object (GPO) linked to all domains in the Active Directory forest.

To create a Group Policy Object

  1. Log into the root Active Directory of the forest as an Active Directory administrator.

  2. Select Start > Windows Administrative Tools > Group Policy Management to open the Group Policy Management dialog.
     images/download/attachments/240934602/image-2024-2-14_12-37-19-version-1-modificationdate-1707894961373-api-v2.png

  3. Under the root domain, right click the Group Policy Objects folder and select New to display the New GPO dialog.

    images/download/attachments/240934602/image-2024-2-29_17-8-37-version-1-modificationdate-1709204917807-api-v2.png

  4. Provide a new Name for the GPO and click OK.