This topic applies only if you have not purchased and installed a certificate from
valid certification authority (CA) (for example, VeriSign).
There are several types of self-signed certificates. Contact your network
administrator for the type of certificate that is appropriate for your network and
security requirements.
To install a self-signed computer certificate, perform the following:
-
Choose Start>All
Programs>Administrative
Tools>Certification Authority.
-
Under Certification Authority (Local), expand the name
of your CA.
-
Install a self-signed certificate, if you have been issued one.
Contact your network administrator for the appropriate type of certificate to
be installed.
-
To install a self-signed certificate if you have not been issued one, choose
Start>All
Programs>Administrative
Tools>Certification Authority.
-
Right-click Certificate Templates and choose
Manage.
-
Double-click Computer Template and select
Security.
-
Choose Allow and check the Enroll
for Permissions for Authenticated Users.
-
Click OK.
Saves and closes Certificate Templates.
-
Choose Start>All
Programs>Administrative
Tools>Active Directory Users and
Computers.
-
Right-click the appropriate domain name and choose
Properties.
-
Select the Group Policy>Default Domain
Policy, and choose Edit.
-
Double-click Computer Configuration>Windows
Settings>Security
Settings>Public Key Policies.
-
Right-click Automatic Certificate Request Settings, and
choose New>Automatic Certificate
Request.
-
Click Next.
-
Select Computer, click Next, and
then click Finish.
-
Reboot the computer.
A self-signed certificate is now installed and you can verify by repeating
steps 1 to 3.
