Hi, You can try to distribute your Certificate Authority certificate with an Active Directory group policy: With the GPO editor, edit the Default Domain policy : Computer Configuration /Windows Settings / Security Settings / Public Key Policies / Trusted Root Certification Authorities Then right-click and select Import. We're using this method, it's work fine. Hope this helpsjean-marc Haby

Setting up Windows 7 for the first time. I've learned a lot but haven't been able to figure this one out. Our company has issued their own security certificate for Outlook Web Access. I've joined the computer to the company domain. If I log on as a local user, I can install the certificate in Trusted Root Certification Authorities and the certificate will show up in the list. I can then go to OWA cleanly with no security warning. If i log on as a domain user and try to install the certificate, I get the "import was successful" message at the end of the Certificate Import Wizard, but the certificate never shows up in the list. Opening OWA results in the "problem with this website's security certificate" message. I've tried adding domain users to the computer's Administrators group and still get the same results. Talked to IT support at corporate and other locations within the company and nobody else is having the same issue. Do not have any issues installing certificate on XP Pro machines. (Using Win 7 Pro, SP 1 on HP Elitebook 8540w)

Hi, Did the issue only occur on your domain account or all domain accounts on Windows 7? The issue seemed to be related to server CA since your local account has no issue. I suggest contacting Server Forum to confirm the CA issue. Win Server Forum http://social.technet.microsoft.com/Forums/en-US/category/windowsserver Regarding the client side, you could add your OWA Server into Trust Site. Enable "Allow Scriptlets" under "ActiveX Control" in the Internet Options -> Security -> Custom level for Internet zone. Internet Options -> Content -> Certificates, click Advance and check option for Client Authentication. Best Regards, NikiPlease remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

New Discovery: I took a machine back to the out-of-the-box configuration, joined it to the domain and had no problems installing the certificate as either a local or domain user. I repeated my original setup and discovered that the problem appeared when I copied a profile to the "default" user profile. Any profiles (local or domain) created afterwards (from that default) were "broken" as far as installing that certificate.

Hi, Would you please let me know if the issue is resolved? If not, I suggest contacting Windows Server Forum to get more help. Best Regards, NikiPlease remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Issue is not resolved and I don't think it will be. If you look at my post from March 24, you'll see the problem resulted from something I did while trying to create a default profile.

Hi, Please refer to the following KB to create the default profile. Hope it helps. http://support.microsoft.com/?id=973289 Regards, Niki Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

New Discovery: I took a machine back to the out-of-the-box configuration, joined it to the domain and had no problems installing the certificate as either a local or domain user. I repeated my original setup and discovered that the problem appeared when I copied a profile to the "default" user profile. Any profiles (local or domain) created after that were "broken" as far as installing that certificate.

Issue is now resolved for me. As an administrator, I added the Certificate Snap-In in mmc for the Computer Account (rather than user account). Imported the certificate to the Trusted Root CA folder and it is now there for every user (both existing and new user profiles).