How to push the Securly SSL certificate with Active Directory GPO?


The Securly SSL certificate is essential to filter HTTPS sites correctly. You can push the Securly SSL certificate using a Mircosoft Active Directory GPO by adding the SSL certificate to the Trusted Root Certification Authorities store on your Active Directory server for all clients in a Microsoft domain.

Manual Process

  1. Download the Securly certificates.
    • Later this Fall, Securly's current SSL Certificate will expire. We have provisioned a brand new SSL Certificate available below which expires in 2034. While to get up and running today you only need to have the original SSL Certificate Installed, we recommend that you install both SSL Certificates at the same time to ensure when the original expires, you are at no loss of service.

        Expires 2020 Cert Expires 2034 Cert
      Windows / GPO securly_ca_2020.crt securly_ca_2034.crt


  2. Open Administrative Tools, and then click "Group Policy Management".
  3. In the console tree, under the top level of the domain, right-click and create a new policy and title it Securly Certificate.
  4. Double-click Group Policy Objects in the domain containing the Securly Certificate Group Policy object (GPO) that you want to edit.
  5. In the Group Policy Management Console (GPMC), go to "Computer Configuration > Windows Settings > Security Settings > Public Key Policies".
  6. Right-click the Trusted Root Certification Authorities store.
  7. Click Import and follow the steps in the Certificate Import Wizard to import the downloaded certificate.


Have more questions? Submit a request