![]() TIP: Import this file to a standalone PGP Encryption Desktop client where you can manually validate the certificates associated to PGPtrustedcerts.asc are the correct/expected certificates. The correct folder is "%ProgramData%\PGP Corporation\PGP". Option 2 - Copy the PGPtrustedcerts.asc file that contains the correct certificate chain from one client to all clients. ![]() Consult with your AD Domain Admin to verify this is all configured properly. TIP 2: Check the Root, and Intermediate Certificates being used, and make sure these are trusted by your domain GPO. This will ensure any additional certs added will be included. TIP 1: Check the Root, and Intermediate Certificates being used, and make note of the Thumbprint/Fingerprint and make sure those are included in the Trusted Keys before you build the client package. If an internal Certificate Authority issued the server certificate, it is likely that the root and intermediate certificates would already have been added to each client machine's Windows Certificate Store. This applies whether a third party Certificate Authority or an internal Certificate Authority has issued the server certificate. It is vital that before installing a server certificate in the PGP Encryption Server, the root and any intermediate certificates in the chain are imported to the SEMS Trusted Keys (Keys / Trusted Keys) menu of the administration console. Option 1 - Import the certificates in the certificate chain used by the PGP Encryption Server to the "Trusted Root Certification Authorities" and/or "Intermediate Certification Authorities" of the Windows Certificate Store of each client. Symantec Enterprise Support recommends you to upgrade to ensure best performance for this issue. This behavior has been found to be resolved with PGP Encryption Desktop 10.5 MP2. Important Note: PGP Encryption Desktop 10.5 had an issue where none of the below options would work. Aside from clicking on "Always allow", there are several other options available so that end users are not presented with the invalid certificate alert:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |