You’ll need to set up a certificate authority (CA) to manage networks and monitor traffic for your ChromeOS devices. It’s important to set up a CA to ensure that your users can access websites that have digital certificates that can be validated by a specific CA. This should be done early during your deployment to ensure that users can access websites without issues.
Step 1: Set up a CA in your Admin console
You can add up to 50 certificates in each organizational unit.
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
In the Admin console, go to Menu
Devices
Networks.
- Go to Certificates.
- To apply the setting to all devices, leave the top organizational unit selected. Otherwise, select a child organizational unit.
- Click Create certificate.
- For Certificate, enter a name for the certificate.
- Click Upload.
- Select the PEM, CRT, or CER file.
Note: Only one certificate can be included in the file. The file will be rejected if it contains no certificate or more than one certificate. DER-encoded certificates are not supported. - Click Open.
- For Certificate Authority, select the platforms that the certificate is a CA for.
- Click Add.
Step 2: Verify the CA on managed ChromeOS devices
- Go to chrome://settings.
- On the left, click Privacy and security.
- Click Security.
- Scroll to Advanced.
- Click Manage certificates.
- In the list, find the newly-added CAs.