Public key policies in Group Policy

I'm not understanding what the difference is between the Trusted Root Certification Authorities policy and the Enterprise Trust policy.

Do they do the same thing? Why would you choose one over the other? I see where I work we have a couple CA's in the Trusted Root Certification Authorities, but nothing in the Enterprise Trust policy.

Thanks

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

willhi1979

Based on Technet:

If your organization has its own root CAs that are not installed on servers, you should use the trusted root certification authority policy to distribute your organization's root certificates. For more information, see Trusted root certification authority policy.

If your organization does not have its own CAs, use the enterprise trust policy to create CTLs to establish your organization's trust of external root CAs. For more information, see Using enterprise trust policy.

Here's a link: Enterprise trust policy: Security Configuration Editor; Security Services I hope the 294 studying is going well for you. I took the 299 and got spanked badly. I am taking the 298 on Thursday, and I have a better feeling on it right now. After finishing the 298, I was going to retake the 299 and hope I don't get questions out of left field again.

Devilsbane

Thanks for the information. By definition I see the difference, but I don't see a functional difference. Thats what kind of bugs me about it.

And studying has its moments. I'm tentatively planning late next week to be the big date, but I still have a long way to go. Good luck with the 298