Publish root CA and sub ca certificate to the Trusted root certificate store

certificate-authority

There are two methods. You can either use Group Policy to distribute the certificates to domain clients, or you can use certutil.exe -dspublish -f <certfilename> RootCA. There are advantages to either method. The dspublish method is simpler, but the Group Policy method is a bit more flexible. Using Group Policy, you can scope the recipients of the certificate(s) to certain OUs, configure extended properties like Extended Validation, OCSP responders, etc.

enter image description here

http://technet.microsoft.com/en-us/library/cc782744(v=WS.10).aspx

OR

enter image description here

But you do not need to do both.

Related

Testing Windows user accounts without actually logging into them?
How to increase swap space on a live server [duplicate]
location of 70-persistent-net.rules in Centos 7
Invoke-Restmethod breaks script in PS 4.0
Nothing is written in php5-fpm.log
rsnapshot diff between snapshots
How can I configure monit to only alert rather than restart?
Multiple ethernet interfaces
Cannot connect to PostgreSQL unix domain socket
RAID rebuilding seems to have stopped
Large number of ssh login attempts [duplicate]
OpenSSL cannot convert PKCS12 exported from Cisco ASA 55xx