So after following the guide to push user certificates down on to Windows 10 devices, we need a way of configuring chrome policies to automatically pick the certificate. You can do this by leveraging reg files or Chrome ADMX policies. In this example we’re using reg keys. To do this, we need to export and push out a reg key to the devices.

The reg key should look like this: 

The exact syntax should follow this:

Make sure you specify the name of the CA that the cert is coming from.

After this reg entry has been made. We need to push it out using product provisioning.

Login to your Workspace One UEM console and navigate to the file/actions section of product provisioning:

Add a files/action and upload the exported reg key and .bat file that installs it.

My .bat file contains this: regedit /s c:\eucse\chromesettings\chromeautocert.reg

Specify where you want the files downloaded to and reference this in your .bat file.

No we need to tell the agent to run the .bat file, this is done under the ‘Manifest’ section here’s my example:

Make sure you then add the files/actions to a product and assign it to your required devices.

This should then install the reg entry on your Windows 10 devices and Chrome should now have that policy set (You may need to restart chrome).

Spread the love