In this video i will create a New Certificates Trust List.
This exercise shows you how to create a new CTL.
You must perform the steps of this exercise on a domain controller.
- In the GPO snap-in, right-click the Enterprise Trust folder. Then select the New ? Certificate Trust List command to start the Certificate Trust List Wizard. Click the Next button, and you’ll see the Certificate Trust List Purpose page.
- Enter a descriptive prefix for the CTL in the provided field. Leave the other options at the default and click Next.
- The Certificates In The CTL page appears. Click the Next button to continue.
- The Signature Certificate page appears. Examine the default settings and click Next to continue.
- On the Secure Timestamp page, check the Add A Timestamp To The Data checkbox, then enter a URL in the Timestamp Service URL field. For purposes of this lab, you can enter any URL. Click Next to continue.
- Enter any name in the Friendly Name field, and any description in the description field. Then click Next to continue.
- Once you’ve completed the wizard, you get the usual summary page. Clicking the Finish button will create the CTL and store it in Active Directory. Close the MMC window. Close the desktop and return to the lab list.
