This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

custom certificate for end users with ADCS

Hello there,
I need to know how I can prevent my users to face HTTPS error on their browsers while reaching authentication or blocked URL pages without importing any certification at user end? How I can secure such pages with ADCS?

thanks in advance,



This thread was automatically locked due to age.
  • The answer is that it's not possible, Mahmood.  You might find something to help you in Configuring HTTP/S proxy access with AD SSO.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • If your users don't surf the web with Chrome, you might be able to just use your default domain root certificate, which is already trusted by your domain joined PC's.

    If you have Chrome in your environment, a few updates ago they put in the requirement of certificates needing the subject alternative name. There are methods to get your ADCS to be able to generate these types of certs, but I don't recommend mucking with ADCS just for this.

    All you can do is generate the certificate on the UTM and push it out with group policy to the trusted root certificate store. This will ensure it's trusted by your PC's and they will not get a certificate error if you have HTTPS scanning enabled.

    Unless this isn't at all what you're asking, then I'm just confused by your question :-)