Hi,
Two weeks ago we renewed our Enterprise CA cert and it was properly deployed to all our clients. I was even able to use certutil -pulse to get it updated on my laptop as soon as I finished the cert renewal.
Today we received an incident from a group of users that manually deleted our root CA from the Windows user cert store (Trusted Root CAs), and now the cert is not getting restored: no matter if you reboot, or if you do certutil -pulse, or if you do gpupdate /force, the CA certificate does not come back to the Trusted Root CAs.
Nothing has changed at the CA/AD level and I see the CA cert properly published in AD (at least it seems to be in the correct AD cert stores). Are there any specific steps to be done to get the cert back into the cert store? I tried deleting the cert on my laptop and I have not been able to get it back yet (tried certutil, rebooting, etc.).
What I don't understand is why the CA cert was properly pulled from the clients once, but now, if you delete it, the certificate doesn't come back via autoenrollment.
I appreciate any help.
Thanks.