AD CS - How is the root CA certificate distributed to clients?

Discussion in 'Active Directory Exams' started by LukeP, Oct 14, 2012.

  1. LukeP

    LukeP Gigabyte Poster

    I'm trying to find out how the root CA is distributed to client computers?

    I found a TechNet article: Enterprise certification authorities: Public Key that reads:

    But in my lab I looked inside Default Domain Policy and can't find the CA certificate setting anywhere. I also disabled Default Domain Policy link in my domain and regenerated new CA certificate and it propagated to my lab workstation. So effectively, the CA certificate is distributed to clients even if all the GPO objects in a domain are disabled.

    Can someone explain how AD CS distributes certificates to domain computers?

    I'm currently doing some work with AD CS and while it's all working (good) and certificates are distributed to clients properly, I'd like to understand how.
    Last edited: Oct 14, 2012
    WIP: Uhmm... not sure

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.