4

I installed Active Directory Certificate Services and created a Standalone CA. Everything went fine and it automatically installed the CA certificate and CRL on all my domain workstations.

On one of the workstations, I deleted all instances of the CA certificate and CRL from the Certificates snap-in. Now I can't figure out how to reinstall them. gpupdate doesn't do it.

I do not want to do it manually. It has to be automatic and must be identical to the original installation i.e. the CA certificate must appear in all the folders it previously was in in the Certificates snap-in and the CRL must also be installed. Similar to what would happen if I joined a new workstation to the domain.

Monstieur
  • 536
  • 3
  • 15
  • If a Standalone CA server is domain joined and the user configuring it has the appropriate privileges, it will automatically publish just like an Enterprise CA. I solved the issue anyway. – Monstieur May 17 '15 at 18:53
  • Yep, you're right. Well done. – Ryan Ries May 17 '15 at 18:56

1 Answers1

3

Running certutil -pulse before gpupdate made the workstation re-install the certificates.

Monstieur
  • 536
  • 3
  • 15