Certificate Automation Manager

How to Enable Advanced Logging for Certificate Automation Manager Server

Jun 4, 2024

This article will guide you through enabling Certificate Automation Manager advanced logging feature. If this is not the solution you are looking for, please search for the solution in the search bar above. Note: This support article applies to Certificate Automation Manager version 5.x and below. Also, when facing issues to enroll for Certificates, our support staff may require more information to determine the root cause of the problem.

Read More

How to Create Custom Certificate Templates

May 26, 2025

This article will go over how to create templates from duplicates of default templates for both User and Machine Authentication. Depending on the use case that you implement, you will need to duplicate one of the default Certificate templates. Duplication is not required but is strongly recommended to avoid changing the properties of default templates and to better control the changes applied to templates that work with the Certificate Automation Manager.

Read More

How to Create and Link a GPO in Active Directory

Mar 25, 2025

This article will walk you through on how to create and link a Group Policy in Active Directory. Creating a GPO is a fairly simple task, so long as you know what settings you need to change, and how to apply it to the endpoints you are trying to affect.

Read More

How to Edit a GPO for Certificate Enrollment

May 26, 2025

This article will walk you through editing a GPO for Certificate Enrollment. Certificate Services Client - Certificate Enrollment Policy - These are the settings that define the URL for the policy servers which users and computers will contact. By default (in a newly created GPO), these setting will be set to "Not Configured", and will need to be changed to "Enabled". When you enable it, it will have a default Certificate Enrollment Policy (CEP) in the list called Active Directory Enrollment Policy, and it will be set as the default.

Read More

How to Identify and Solve Clock Skew Problems with NTP

May 29, 2024

As a GlobalSign customer, sometimes, you will encounter issues with Certificate deployment and installation through the Certificate Automation Manager. One that is recurrent is when a Certificate cannot be installed because a computer receives it outside the Certificate validity period. This happens because the start validity date is in the future compared to the time the computer reads from its local source or its NTP source. As a result, the computer does not validate the Certificate correctly and denies its installation. In this article, we will discuss the main reasons around clock/time skew issues when you are making use of our Certificate Automation Manager solution.

Read More