GPO, SRP, Windows Server 2012.

Brass Contributor

Hey Guys, 

I am trying to answer some questions on Software Restriction Policies that I have. Form this link here:

Under the section: Set Trusted Publishers Options


Here >> The policy settings in the Trusted Publishers tab of the certificate path validation policy allows administrators to control which certificates can be accepted as coming from a trusted publisher.

Do I set this policy settings under trusted publishers, or under Computer Configuration\Windows Settings\Security Settings, click Public Key Policies.


I don't understand what the difference is between the trusted publishers tab (of the SRP itself) and the "Trusted Publishers" under the security settings public key? 


Sorry I know its a strange question, but the documentation isn't very clear on the differences between both locations. Why is there a setting on the SRP (Itself) and in Group Policy (per the doc) ? The SRP settings DO NOT write to the security settings\Public Key Policies on the local client system. 







0 Replies