trying to eliminate some administrative overhead here...
Have a client that we exchange information with (via web based portal) using a certificate that they have provided to our company. We have incorporated this functionality into another web based application.
When we import the .p12 certificate they provided manually on a computer, everything works fine, however we have been trying to get it to push out using a domain policy rather than manually installing this thing on every computer, and when it expires, repeating the process.
Efforts to add it to the domain policy editor under
> computer configuration/windows settings/Public Key Policies/Trusted Root Certification Authorities
results in it effectively not being installed (though looking on the computer it is there, the web page simply does not display because the certificate is not there... catch 22).
Manually going to a computer and importing the certificate, everything works as expected.
Thoughts, ideas, something I am misunderstanding?