Confirm That Certificates Are Deployed Correctly

Applies To: Windows Server 2012

After configuring your certificates and autoenrollment in Group Policy, you can confirm that the policy is being applied as expected, and that the certificates are being properly installed on the workstation computers.

In these procedures, you refresh Group Policy on a client computer, and then confirm that the certificate is deployed correctly.

Administrative credentials

To complete these procedures, you must be a member of the Domain Administrators group, or otherwise be delegated permissions to modify the GPOs.

In this topic:

• Refresh Group Policy on a computer

• Verify that a certificate is installed

To refresh Group Policy on a computer

1. On a computer running Windows 8, Windows 7, Windows Vista, Windows Server 2012, Windows Server 2008, or Windows Server 2008 R2, Start a Command Prompt as an Administrator, and then type the following command:

   gpupdate /target:computer /force
   

After Group Policy is refreshed, you can see which GPOs are currently applied to the computer.

To verify that a certificate is installed

1. Click the Start charm, type certmgr.msc, and then press ENTER.

2. In the navigation pane, expand Trusted Root Certification Authorities, and then click Certificates.

   The CA that you created appears in the list.