Managing approved root certificates under Windows 10/8

RECOMMENDED: Click here to fix Windows errors and optimize system performance

In one of our previous contributions, we saw what root certificates are. Some companies or users may feel the need to manage and configure trusted root certificates to prevent other domain users from configuring their own game. This article shows how to manage trusted root certificates and add certificates to the Trusted Root Certification Authorities Store in Windows 10/8.1.

Manage trusted root certificates in Windows

January 2021 Update:

We now recommend using this tool for your error. Additionally, this tool fixes common computer errors, protects you against file loss, malware, hardware failures and optimizes your PC for maximum performance. You can fix your PC problems quickly and prevent others from happening with this software:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.


Click the File link and select Add/Remove Snap-In. Under Available Snap-ins, click Certificates, and then click Add.

Click OK. In the next dialog box , select Computer account, then select Next.

Now select Local Computer and click Finish.

In the MMC, double-click Certificates in the console tree, then right-click Trusted Root Certification Authorities Store. Under All Tasks, select Import.

The Certificate Import Wizard opens.

Follow the wizard to complete the operation.

Let’s see how to configure and manage trusted root certificates for one local computer. Open the MMC and click the File menu link and select Add/Remove Snap-In. Under Available Snap-ins, click Group Policy Object Editor, then click Add. Select the computer whose local GPO you want to edit and click Finish / OK.

In the MMC console tree, go back to Local Computer Policy > Computer Configuration > Windows Settings > Security Settings. Next Public Key Policies. Double-click Certificate Path Validation Settings and select the Storage tab.

Check the boxes here Set these policy parameters, Allow trusted root certificates to be used by users to validate certificates and Allow users to trust trusted certificates of their counterparts.

Finally, under Root Certificate Store, select the root certificates that client computers can trust, and click OK.

How to manage trusted root certificates for a domain and how to add certificates to the trusted root certification authorities store for a domain, see Technet.

RCC is a free root certificate scanner that can help you scan Windows root certificates for unreliable certificates.

RECOMMENDED: Click here to troubleshoot Windows errors and optimize system performance

Related Video