I use an AWS WorkSpace for a Windows remote desktop, connecting to some systems that have a custom CA. As the WorkSpace is managed by a domain, simply installing the CA certificates as usual doesn’t work. After much frustration, I figured out the right steps to manually add a CA cert.
- install Group Policy Management Console by opening an Admin PowerShell and running:
Install-WindowsFeature –Name GPMC - Run GPMC:
gpmc.msc - Set up Group Policy Object, following Install the Group Policy Administrative Template
- Open the new WorkSpaces Machine Policies
- Go to Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Public Key Policies -> Trusted Root Certification Authorities
- Right click, select Import…
- Follow wizard prompts
- Log out then back in