Managing trust of user-selected certification authorities

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Managing trust of user-selected certification authorities

For users, all trusted root certificates are stored under Trusted Root Certification Authorities.

You can view the certificates in this store by following the procedures in Manage certificates for your user account and Display certificate stores storage structure. In the console tree, click Certificates - Current User, then click Trusted Root Certification Authorities, and then click Certificates.

Administrators can use Group Policy to disable the trust of user-selected root certification authorities (CAs). Then, when network users access any secure Web site that is validated by one of these user-selected root CAs, they receive a security alert message that informs them that the site is not trusted. To disable trust in user-selected root CAs for a domain (or for any Group Policy object), see Disable trust of user-selected root CAs for a Windows Server 2003 domain.

For more information, see Managing trust of third-party certification authorities and Certificate stores.