hi,
I'm trying to set up a GPO with settings for IPSEC, so far i've done:
Install Enterprise Root CA on member server
create gpo for IPSEC tasks
create new security policy
- create "All IP traffic" rule
-- add Certification authority "method" as the highest preference
here is the problem: When I select "User a certificate from this
certification authority (CA) and click Browse, i get the warning:
"Active Directory does not contain a shared certificate store. When
configuring Active Directory-based IPSec policy to use certificate
authentication, you must ensure that each domain memver has an appropriate
certificate installed"
How can i create / enable this "shared certificate store" ?
I tried "selecting a certification authority from the certificate store on
the local computer" but after the policy is applied i cannot log in to the
test servers using a domain account
thanks in advance
|
Similar Threads
Linear Mode
