How to distribute the DocuSign External Certificate Authority to Client's Computers by Using Group Policy (GPO)

DocuSign External Certificate Authority (ECA) can be found in –
Direct link -

  1. On a Domain Controller in the Domain, start the Group Policy Management snap-in.

  2. Find an existing Group Policy Object (GPO) or create a new GPO to contain the certificate settings. Ensure that the GPO is associated with the domain, site, or organizational unit (OU) where the appropriate user and computer accounts reside

  3. Right-click the GPO, and then click Edit.

  4. In the console tree, open Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies, right-click Trusted Root Certification Authorities, and then click Import. 

  5. On the Welcome to the Certificate Import Wizard page, click Next. 

  6. On the File to Import page, type the path to the appropriate certificate files (for example, \\fs1\c$\DOCUSIGN_EXTERNAL_ROOT_CA_G1.cer), and then click Next. 

  7. On the Certificate Store page, verify the Place all certificates in the following store is selected, and then click Next. 

  8. On the Completing the Certificate Import Wizard page, verify that the information you provided is accurate, and then click Finish. 

  9. Repeat steps 2 through 6 to add additional certificates. 

  10. To apply the update, restart the client's machines (or run CMD with gpupdate /force command).

  11. To verify both certificates were installed successfully, open the Certificates console under Trusted Root Certification Authorities (from Run MMC > File > Add/remove snap-ins > Certificates > My user account). The two DocuSign certificates should appear there:



Have an issue? To send us an email, please submit this form