Deploying Your Own Root CA via Group Policy

Although it took some searching, this nugget was quite simple.

One of my clients has a Linux Certificate Authority and none of the Windows systems would give an invalid or unknown certificate authority error when visiting a company website that used a cert created by the CA.

Get your root certificate ready, then fire up the Group Policy Management Console (or gpmc.msc). Either create a new group policy or use the Default Domain Policy to deploy it to every system.

Right-click the policy of your chosing and select Edit... go to Computer Configuration > (Policies, if you are using Windows 2008 ) > Windows Settings > Security Settings > Public Key Policies > Trusted Root Certification Authorities, right-click and choose Import... and using the import wizard browse over to your root certificate and you are done.

Within a few days most computers on the domain should have the certificate, aside from the stragglers who never seem to be on the network.

Exchange 2010 is Now Available

Good thing we had that free eBook to learn Exchange 2010, because the announcement on the official Microsoft Exchange Team Blog says it is out the door and available worldwide.

You can grab the 120 day trial here. And this time there is no 32-bit version, as with the Exchange 2007 trial.

And if you are a TechNet or MSDN subscriber, the full (non-expiring) version is available for download as well.