Importing the CA's Root Certificate

Browsers typically come with certificates for well-known CAs already installed, and you rarely need to install them. If you need a CA's root certificate, you can usually download it from the CA's Web site.

The demonstration CA's certificate is not pre-installed in your browser, so you need to install it. It is supplied in the private directory of the DemoCA directory. You install this certificate as follows:

Note: These steps are applicable if you are using Internet Explorer (version 9); steps required for other versions of Internet Explorer or other browsers may differ.
  1. In Internet Explorer, click Tools > Internet Options > Content > Certificates. Go to the Trusted Root Certification Authorities tab and click Import.
  2. Use the wizard to install the CA's self-signed certificate, which is in the private folder of your DemoCA directory. Specify the file CARootCert.cer. Internet Explorer requires X509 certificates, in DER format, so only those are listed, and not the PEM format files. Other browsers can handle several types, and so they may also be listed.
  3. Look down the list under Trusted Root Certification Authorities. You will see that your Demo CA is now listed; look for its Common Name. If when you installed Micro Focus Demo CA, you chose to use your computer DNS name as the DemoCA's Common Name, it will appear different to the rest, because real CAs tend to give themselves user-friendly Common Names.