05-20-2021 05:55 AM
On Windows this is stored under the user's certificate store under Trusted Root Certificates. On macOS you'll be able to find it under the System certificates in keychain.
@GeorgePalo wrote:Also would this be considered a less secure option because you are pushing down a root certificate to the endpoint meaning that they only require a correct username and password to connect.
Are you using the certificates that you are trying to push as part of your authentication process, because if you are I wouldn't it. We push down our root and intermediate certificates so that users on a BYOD endpoint can navigate to any of our allowed internal resources without certificate errors and so they don't have to manually install our certs. You can have them connect to GlobalProtect and they're automatically ready to access internal websites ect.
