Browsers typically come with certificates for well-known CAs already installed, and you rarely need to install them. If you need a CA's root certificate, you can usually download it from the CA's Web site.
The demonstration CA's certificate is not pre-installed in your browser, so you need to install it. It is supplied in the
private directory of the demoCA. You install this certificate as follows:
- In your browser, go to the options where you manage certificates.
- In Internet Explorer, click
Tools >
Internet Options >
Content >
Certificates. Go to the
Trusted Root Certification Authorities tab and click
Import.
- In Mozilla Firefox, click
Tools >
Options >
Advanced. Then scroll down and click
Manage Certificates. Click
Authorities and then click
Import.
- Install the CA's self-signed certificate, which is in the
private folder of your DemoCA directory. Specify the file
CARootCert.cer. Internet Explorer requires X509 certificates, in DER format, so only those are listed, and not the PEM format files. Mozilla Firefox can handle several types, so several are listed and you need to install the PEM-format certificate.
- In Internet Explorer, use the
Browse button to enter
Trusted Root Certification Authorities in the Certificate Store field.
In Mozilla Firefox, check
Trust this CA to identify Web sites.
- Look down the list under
Trusted Root Certification Authorities (for IE) and
Authorities (for Firefox). You will see that your Demo CA is now listed; look for its Common Name. If when you installed Micro Focus Demo CA you chose to use your computer DNS name as the DemoCA's Common Name, it will appear different to the rest, because real CAs tend to give themselves user-friendly Common Names.
