Hi
After sleeping on it I managed to solve the problem by myself. I think the
clue was to add the certificate to the whole domain, not just the user
account's OU
Now it is working fine - on all PCs I can trust the signer and get rid of
the security warning
Harald, Norway
"Harald" <not[ at ]available.com> wrote in message
news:udkYxxHYJHA.1528[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] >
>
> I have made a certificate using SELFCERT.EXE, signed an Excel template
> with this certificate and managed to import this certificate on another
> PC. This import procedure was not very easy (seen from an end user point
> of view).
>
> Is it possible to deploy this "home made" certificate using AD Group
> Policy? I have search a lot on the Intranet and found some information
> about it. I have also exported the certificate to a file and then imported
> it into the OU's Group policy (Computer Configuration | Windows Settings |
> Security Settings | Public Key Policies | Trusted Root Certification
> Authorities).
>
> But when I am on our Terminal Server logged in on an account in this OU
> the certificate is not viewable in Excel and when opening the signed
> template I have the security warning with information about the signer,
> but not the possibility to "Always Trust macros from this publisher" (I
> have to import the certificate to get this option active).
>
> Questions:
>
> 1: Is it possible to deploy a self-made certificate using Group Policy?
>
> 2: If not - can it be solved by buying a "professional" certificate?
>
> 3: Are there other ways to deploy this (or a "proffessional") certificate?
> Command line utility?
>
> If you know something about this I am very happy if you can give me some
> guiding principle or point me to more information about this.
>
>
>
> Thanks in advance.
>
> Harald, Norway
>
>
|