You’ll need to set up a certificate authority (CA) to manage networks and monitor traffic for your ChromeOS devices. It’s important to set up a CA to ensure that your users can access websites that have digital certificates that can be validated by a specific CA. This should be done early during your deployment to ensure that users can access websites without issues.
Step 1: Set up a CA in your Admin console
You can add up to 50 certificates in each organizational unit.
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
In the Admin console, go to Menu DevicesNetworks.
- Go to Certificates.
- To apply the setting to all devices, leave the top organizational unit selected. Otherwise, select a child organizational unit.
- Click Create certificate.
- For Certificate, enter a name for the certificate.
- Click Upload.
- Select the PEM, CRT, or CER file.
Note: Only one certificate can be included in the file. The file will be rejected if it contains no certificate or more than one certificate. DER-encoded certificates are not supported.
- Click Open.
- For Certificate Authority, select the platforms that the certificate is a CA for.
- Click Add.
Step 2: Verify the CA on managed ChromeOS devices
- Go to chrome://settings.
- On the left, click Privacy and security.
- Click Security.
- Scroll to Advanced.
- Click Manage certificates.
- In the list, find the newly-added CAs.