Public Key Policy Settings

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Public Key Policies

Use this security setting to specify how to manage certificates and certificate life cycles.


GPO_name\Computer Configuration\Windows Settings\Security Settings\Public Key Policies\

Default Values
Server Type or GPO Default Value

Default Domain Policy

Not defined

Default Domain Controller Policy

Not defined

Stand-Alone Server Default Settings

Not defined

DC Effective Default Settings

Not defined

Member Server Effective Default Settings

Not defined


This security setting specifies whether certificates are automatically enrolled, renewed when they are expired, and removed when they are revoked.

You can specify certificates for data recovery, and you can specify Trusted Root Certification Authorities, and Enterprise Trust lists.

This security setting does not appear in the local Group Policy object.