33.5.6 When a User Accesses a Resource, the Browser Displays Certificate Errors

When you configure Identity Server to use SSL (the HTTPS protocol), the browser must be configured to trust the CA that created the certificate for Identity Server. If you use a well-known CA, the browser is usually already configured to trust certificates from the CA. If you use a less-known CA or the Access Manager CA to create the certificate, you need to import the public key of the trusted root certificate into the browsers to establish the trust. For the Access Manager CA, this certificate is called configCA.

For information about exporting the public key of a trusted root certificate, see Viewing Trusted Root Details.

To import a public key into the browser, access the certificate options, then follow the prompts:

  • For Internet Explorer, click Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities > Import.

  • For Firefox, click Tools > Options > Advanced > Encryption > View Certificates > Authorities > Import.