I have created the SSL decryption certificate and applied it using group policy. When testing I have several workstations that work with no issue but many others that recieve certificate errors. I cannot find any difference in the browser setup, the SSL certificate is in the workstation trusted root store where it should be. It looks like a 50/50 success rate. Windows 10 workstations, some on 1809 and some on 1903 with the same mixed results. I am at a loss, anybody had this issue?
Solved! Go to Solution.
What browser are you using for these tests? Some browsers will not, by default, look at the machines certificate store and will use their own.
So I believe I amy have to solution figured out. In the certificate options there is a box for root certificate. None of the instructions I read referenced that, but after checking that and re-deploying the certificate my sucess rate is 100%.
Odd that the guide you were following left that out, as it's a requirement to get this to function correctly. If you allow the installation of Firefox you'll also need to utilize the ESR version or do a little bit of manual work for FireFox to trust your cert; by default FireFox will not read the Windows cert store.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!