RECOMMENDED: Click here to fix Windows errors and optimize system performance
In one of our previous contributions, we saw what root certificates are. Some companies or users may feel the need to manage and configure trusted root certificates to prevent other domain users from configuring their own game. This article shows how to manage trusted root certificates and add certificates to the Trusted Root Certification Authorities Store in Windows 10/8.1.
Manage trusted root certificates in Windows
Click the File link and select Add/Remove Snap-In. Under Available Snap-ins, click Certificates, and then click Add.
Click OK. In the next dialog box , select Computer account, then select Next.
Now select Local Computer and click Finish.
In the MMC, double-click Certificates in the console tree, then right-click Trusted Root Certification Authorities Store. Under All Tasks, select Import.
The Certificate Import Wizard opens.
Follow the wizard to complete the operation.
Let’s see how to configure and manage trusted root certificates for one local computer. Open the MMC and click the File menu link and select Add/Remove Snap-In. Under Available Snap-ins, click Group Policy Object Editor, then click Add. Select the computer whose local GPO you want to edit and click Finish / OK.
In the MMC console tree, go back to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings. Next Public Key Policies. Double-click Certificate Path Validation Settings and select the Storage tab.
Check the boxes here Set these policy parameters, Allow trusted root certificates to be used by users to validate certificates and Allow users to trust trusted certificates of their counterparts.
Finally, under Root Certificate Store, select the root certificates that client computers can trust, and click OK.
How to manage trusted root certificates for a domain and how to add certificates to the trusted root certification authorities store for a domain, see Technet.
RCC is a free root certificate scanner that can help you scan Windows root certificates for unreliable certificates.