{"id":1684,"date":"2012-05-31T14:21:25","date_gmt":"2012-05-31T17:21:25","guid":{"rendered":"http:\/\/www.radians.com.ar\/blog\/?p=1684"},"modified":"2012-05-31T14:21:25","modified_gmt":"2012-05-31T17:21:25","slug":"como-distibuir-nuestro-certificado-ca-root-en-nuestro-dominio-por-group-policy-howto","status":"publish","type":"post","link":"https:\/\/www.radians.com.ar\/blog\/?p=1684","title":{"rendered":"Como distibuir nuestro certificado CA Root en nuestro dominio por Group Policy {HowTo}"},"content":{"rendered":"<p align=\"justify\"><font size=\"2\">Hoy vamos a ver como distribuir un certificado de nuestro Root CA por medio de las pol\u00edticas de grupo. Vamos a crear una nueva directiva de grupo que aplique a nuestro dominio para que sea distribuido en todos los equipos de nuestro dominio.<\/font><\/p>\n<p align=\"justify\"><font size=\"2\">Entonces creamos una pol\u00edtica que llamaremos CARoot en la consola <font color=\"#ff0000\" face=\"OCR A Extended\">Group Policy Management Editor<\/font>, la editamos, vamos a la secci\u00f3n <font color=\"#ff0000\" face=\"OCR A Extended\">Computer Configuration<\/font>.<\/font><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_01.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_01\" border=\"0\" alt=\"CARootGPO_01\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_01_thumb.png\" width=\"544\" height=\"263\" \/><\/a><\/p>\n<p align=\"justify\"><font size=\"2\">Ahora debemos ir a <font face=\"OCR A Extended\"><font color=\"#ff0000\"><strong>Windows Settings<\/strong><font color=\"#cccccc\" face=\"Trebuchet MS\">, luego a <\/font><strong>Security Settings<\/strong><font color=\"#cccccc\" face=\"Trebuchet MS\">, despues seleccionamos <\/font><strong>Public Key Policies<\/strong><font color=\"#cccccc\" face=\"Trebuchet MS\">, y <\/font><strong>Trusted Root Certification Authorities<\/strong><\/font><\/font>, como podemos ver en el siguiente screenshot.<\/font><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_02.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_02\" border=\"0\" alt=\"CARootGPO_02\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_02_thumb.png\" width=\"544\" height=\"330\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_03.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_03\" border=\"0\" alt=\"CARootGPO_03\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_03_thumb.png\" width=\"544\" height=\"332\" \/><\/a><\/p>\n<p align=\"justify\"><font size=\"2\">Hacemos un clic con el bot\u00f3n derecho y seleccionamos <font color=\"#ff0000\" face=\"OCR A Extended\">Import<\/font>. Esto har\u00e1 que comience el wizard para importar nuestro certificado.<\/font><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_04.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_04\" border=\"0\" alt=\"CARootGPO_04\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_04_thumb.png\" width=\"544\" height=\"332\" \/><\/a><\/p>\n<p align=\"justify\"><font size=\"2\">El wizard es bastante sencillo, ahora veremos los pasos a seguir.<\/font><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_05.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_05\" border=\"0\" alt=\"CARootGPO_05\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_05_thumb.png\" width=\"544\" height=\"486\" \/><\/a><\/p>\n<p align=\"justify\"><font size=\"2\">Debemos seleccionar nuestro certificado, el archivo .cer que bajamos desde la pagina de administraci\u00f3n de certificados. En nuestro caso le pusimos el nombre <font color=\"#ff0000\" face=\"OCR A Extended\">RootCA &#8211; certnew.cer<\/font>.<\/font><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_06.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_06\" border=\"0\" alt=\"CARootGPO_06\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_06_thumb.png\" width=\"544\" height=\"486\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_07.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_07\" border=\"0\" alt=\"CARootGPO_07\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_07_thumb.png\" width=\"544\" height=\"425\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_08.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_08\" border=\"0\" alt=\"CARootGPO_08\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_08_thumb.png\" width=\"544\" height=\"490\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_09.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_09\" border=\"0\" alt=\"CARootGPO_09\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_09_thumb.png\" width=\"544\" height=\"488\" \/><\/a><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_10.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_10\" border=\"0\" alt=\"CARootGPO_10\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_10_thumb.png\" width=\"544\" height=\"486\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_11.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_11\" border=\"0\" alt=\"CARootGPO_11\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_11_thumb.png\" width=\"544\" height=\"283\" \/><\/a><\/p>\n<p align=\"justify\"><font size=\"2\">Obviamente, asociamos esta pol\u00edtica para que aplique a todo el dominio. Ahora debemos hacer un <font color=\"#ff0000\" face=\"OCR A Extended\">gpupdate \/force<\/font> y listo; el certificado se implementara en todos los equipos de nuestro dominio.<\/font><\/p>\n<p align=\"justify\"><a href=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_15.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; border-bottom: 0px; border-left: 0px; margin: 5px; padding-left: 0px; padding-right: 0px; display: inline; border-top: 0px; border-right: 0px; padding-top: 0px\" title=\"CARootGPO_15\" border=\"0\" alt=\"CARootGPO_15\" src=\"http:\/\/www.radians.com.ar\/Articulos\/Images\/Como-distibuir-nuestro-certificado-CA-Ro_8604\/CARootGPO_15_thumb.png\" width=\"544\" height=\"206\" \/><\/a><\/p>\n<p><font size=\"2\">Espero que les sea de inter\u00e9s y de utilidad. Saludos, Roberto Di Lello.<\/font><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hoy vamos a ver como distribuir un certificado de nuestro Root CA por medio de&#8230;<\/p>\n","protected":false},"author":1,"featured_media":4291,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[12,11,158,69,297,13],"tags":[],"class_list":["post-1684","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-2003-r2","category-2008-r2","category-windows-server-2012","category-windows-7","category-windows-8","category-vista-xp"],"_links":{"self":[{"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1684","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1684"}],"version-history":[{"count":1,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1684\/revisions"}],"predecessor-version":[{"id":1685,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1684\/revisions\/1685"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=\/wp\/v2\/media\/4291"}],"wp:attachment":[{"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1684"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1684"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.radians.com.ar\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1684"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}