Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Use to deploy Root Certificate Authority (CA) certificates to devices. The following list describes the purpose of each setting group.
- In CACertificates, you specify a certificate that will be added to the Intermediate CA store on the target device.
- In ClientCertificates, you specify a certificate that will be added to the Personal store on the target device, and provide (password, keylocation), (and configure whether the certificate can be exported).
- In RootCertificates, you specify a certificate that will be added to the Trusted Root CA store on the target device.
- In TrustedPeopleCertificates, you specify a certificate that will be added to the Trusted People store on the target device.
- In TrustedProvisioners, you specify a certificate that allows devices to automatically trust packages from the specified publisher.
Applies to
| Setting groups | Windows client | Surface Hub | HoloLens | IoT Core |
|---|---|---|---|---|
| All setting groups | ✅ | ✅ | ✅ | ✅ |
CACertificates
In Available customizations, select CACertificates, enter a friendly name for the certificate, and then click Add.
In Available customizations, select the name that you created.
In CertificatePath, browse to or enter the path to the certificate.
ClientCertificates
- In Available customizations, select ClientCertificates, enter a friendly name for the certificate, and then click Add.
- In Available customizations, select the name that you created. The following table describes the settings you can configure. Settings in bold are required.
| Setting | Value | Description |
|---|---|---|
| CertificatePassword | ||
| CertificatePath | Adds the selected certificate to the Personal store on the target device. | |
| ExportCertificate | True or false | Set to True to allow certificate export. |
| KeyLocation | - TPM only - TPM with software fallback - Software only |
RootCertificates
- In Available customizations, select RootCertificates, enter a friendly name for the certificate, and then click Add.
- In Available customizations, select the name that you created.
- In CertificatePath, browse to or enter the path to the certificate.
TrustedPeopleCertificates
- In Available customizations, select TrustedPeopleCertificates, enter a friendly name for the certificate, and then click Add.
- In Available customizations, select the name that you created.
- In TrustedCertificate, browse to or enter the path to the certificate.
TrustedProvisioners
In Available customizations, select TrustedPprovisioners, enter a CertificateHash, and then click Add.
In Available customizations, select the name that you created.
In TrustedProvisioner, browse to or enter the path to the certificate.