In order to automate the deployment of a certain service's installation, I'm trying to change the Certificate Path Validation Settings in PowerShell (any other programmatic method will do just as well). Specifically, I need to change the Network Retrieval settings (automatic update, override timeout settings, disallowing issuer certificate retrieval, etc.).
I know how to do this manually, using secpol.msc, but I need to automate this.
I tried to export the security configuration with secedit.exe, but either it doesn't contain the information that I need to modify, or I don't know how to identify it.
Does someone know how to get/modify these specific settings?
Finally found my solution - there is this tool called LGPO.EXE, that can help import, export, and edit the Certificate Path Validation Settings programmatically. Use of this will still require a restart to get the changes to apply, but at least it is now possible.