PKI Tutorials - Herong's Tutorial Examples - Version 2.04, by Dr. Herong Yang
Installing CAcert.org Root CA in Firefox 3
This section provides a tutorial example on how to install CAcert.org root CA certificate in Firefox 3. Note that CAcert.org CA certificate is not pre-installed in Firefox 3.
As I mentioned in the previous section, Firefox 3 and other popular Web browsers do not recognize CAcert.org as a trusted root CA. Whenever you visit an HTTPS site with server certificate issued by CAcert.org, you will get an error page saying that the server certificate verification is failed.
To fix this issue, you need to install CAcert.org's certificate as trusted root CA certificate into Web browsers manually. Here I how I did it on Firefox 3.
1. Run Firefox 3 and visit https://support.ntp.org. The "This Connection is Untrusted" error page shows up. This confirms that CAcert.org's certificate is not a trusted root CA certificate in Firefox 3, because ntp.org's certificate is issued by CAcert.org.
2. Now visit http://www.cacert.org/index.php?id=3. CAcert.org certificates page shows up.
3. Click "Root Certificate (PEM Format)" link.
The "Download Certificate" dialog box shows up.
4. Check "Trust this CA to identify web sites" option and click "OK". CAcert.org's root certificate is installed in Firefox 3 now.
5. Close Firefox 3 and run it again to visit https://support.ntp.org. "The NTP Public Services Project" page shows up properly now.
6. View the server certificate path. See other Firefox 3 tutorials in this book for detailed steps. You will see:
CA Cert Signing Authority - The root CA certificate |- support.ntp.org - The server certificate
Last update: 2011.
Table of Contents