How to push the Securly SSL certificate with Active Directory GPO?


The Securly SSL certificate is essential to filter HTTPS sites correctly. You can push the Securly SSL certificate using a Mircosoft Active Directory GPO by adding the SSL certificate to the Trusted Root Certification Authorities store on your Active Directory server for all clients in a Microsoft domain.

Manual Process

  1. Download the Securly certificate.
  2. Open Administrative Tools, and then click Group Policy Management.
  3. In the console tree, under the top level of the domain, right-click and create a new policy and title it Securly Certificate.
  4. Double-click Group Policy Objects in the domain containing the Securly Certificate Group Policy object (GPO) that you want to edit.
  5. In the Group Policy Management Console (GPMC), go to "Computer Configuration > Windows Settings > Security Settings > Public Key Policies".
  6. Right-click the Trusted Root Certification Authorities store.
  7. Click Import and follow the steps in the Certificate Import Wizard to import the downloaded certificate.

Automated Script

  1. Download Securly GPO Cert and and extract to a folder.
  2. Open a PowerShell as administrator set-executionpolicy unrestricted
  3. Run SecurlyCertGPO.ps1
    1. (This will automatically create and link GPO at the top level)


Later this Fall, Securly's current SSL Certificate will expire. We have provisioned a brand new SSL Certificate available below which expires in 2034. While to get up and running today you only need to have the original SSL Certificate Installed, we recommend that you install both SSL Certificates at the same time to ensure when the original expires, you are at no loss of service.


Have more questions? Submit a request