In the Active Directory Domain Controller, install all certificates in the CA certificate chain as trusted root certificates.
To install the CA certificates in the Active Directory Domain Controller
- Log in to the server hosting Active Directory.
- Open the Group Policy Management administrative tool. Select Start > Windows Administrative Tools > Group Policy Management.
The Group Policy Management dialog box appears.
- In the tree view, expand the Domain Controller you will modify.
- Right-click Default Domain Policy > Edit.
The Group Policy Management Editor dialog box appears.
- In the tree view, expand Computer Configuration > Policies > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities.
- Right-click Trusted Root Certification Authorities > Import.
- Select the Security Manager CA certificates or the CA certificates file you obtained earlier in Obtaining the CA certificates.