Public key policies in Group Policy

DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
I'm not understanding what the difference is between the Trusted Root Certification Authorities policy and the Enterprise Trust policy.

Do they do the same thing? Why would you choose one over the other? I see where I work we have a couple CA's in the Trusted Root Certification Authorities, but nothing in the Enterprise Trust policy.

Decide what to be and go be it.


  • willhi1979willhi1979 Member Posts: 191
    Based on Technet:

    If your organization has its own root CAs that are not installed on servers, you should use the trusted root certification authority policy to distribute your organization's root certificates. For more information, see Trusted root certification authority policy.

    If your organization does not have its own CAs, use the enterprise trust policy to create CTLs to establish your organization's trust of external root CAs. For more information, see Using enterprise trust policy.

    Here's a link: Enterprise trust policy: Security Configuration Editor; Security Services I hope the 294 studying is going well for you. I took the 299 and got spanked badly. I am taking the 298 on Thursday, and I have a better feeling on it right now. After finishing the 298, I was going to retake the 299 and hope I don't get questions out of left field again.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    Thanks for the information. By definition I see the difference, but I don't see a functional difference. Thats what kind of bugs me about it.

    And studying has its moments. I'm tentatively planning late next week to be the big date, but I still have a long way to go. Good luck with the 298
    Decide what to be and go be it.
Sign In or Register to comment.